[U-Boot] cmd/nvedit.c: Update input handling to cover overflow cases
Tom Rini
trini at konsulko.com
Sat Oct 7 13:09:08 UTC 2017
On Tue, Sep 26, 2017 at 07:37:11PM -0400, Tom Rini wrote:
> When we have multiple messages provided, we need to be sure that we do
> not exceed the length of our 'message' buffer. In the for loop, make
> sure that pos is not larger than message. Only copy in at most however
> much of the message buffer remains. Finally, if we have not reached the
> end of the message buffer, put in a space and NULL, and if we have,
> ensure the buffer is now NULL termined.
>
> Reported-by: Coverity (CID: 165116)
> Signed-off-by: Tom Rini <trini at konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20171007/bfeff452/attachment.sig>
More information about the U-Boot
mailing list