[U-Boot] [PATCH v3 2/2] image: Protect against overflow in unknown_msg()
Simon Glass
sjg at chromium.org
Fri Oct 28 04:18:39 CEST 2016
Coverity complains that this can overflow. If we later increase the size
of one of the strings in the table, it could happen.
Adjust the code to protect against this.
Signed-off-by: Simon Glass <sjg at chromium.org>
Reported-by: Coverity (CID: 150964)
---
Changes in v3:
- Adjust to deal with what strncpy() actually does (I think)
Changes in v2:
- Drop unwanted #include
common/image.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/common/image.c b/common/image.c
index 0e86c13..016f263 100644
--- a/common/image.c
+++ b/common/image.c
@@ -588,9 +588,11 @@ const table_entry_t *get_table_entry(const table_entry_t *table, int id)
static const char *unknown_msg(enum ih_category category)
{
static char msg[30];
+ static char unknown_str = "Unknown ";
- strcpy(msg, "Unknown ");
- strcat(msg, table_info[category].desc);
+ strcpy(msg, unknown_str);
+ strncat(msg, table_info[category].desc,
+ sizeof(msg) - sizeof(unknown_str));
return msg;
}
--
2.8.0.rc3.226.g39d4020
More information about the U-Boot
mailing list