[U-Boot] kconfig: revert change that was not needed for -Wformat-security
Tom Rini
trini at konsulko.com
Mon Jan 29 20:21:08 UTC 2018
On Sun, Jan 28, 2018 at 06:41:23PM +0900, Masahiro Yamada wrote:
> Recent GCC versions warn if the format string is not a literal
> because the compiler cannot check the argument validity at compile
> time.
>
> Commit 192bc6948b02 ("Fix GCC format-security errors and convert
> sprintfs.") blindly replaced sprintf() with strcpy(), including
> many cases where the format parameter is a string literal.
>
> For the kconfig change:
>
> sprintf(header, " ");
>
> ..., here the format parameter is a string literal " ", so it is
> definitely equivalent to:
>
> strcpy(header, " ");
>
> Of course, if the 'header' did not have enough length for containing
> " ", it would be a security problem, but another problem. (in this
> case, the 'header' is 4 byte length buffer, so it is not a problem at
> all.)
>
> The kconfig code is kept as synced with Linux as possible, but this
> change made the code out-of-sync for nothing. Just reverting.
>
> Signed-off-by: Masahiro Yamada <yamada.masahiro at socionext.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180129/8aa92073/attachment.sig>
More information about the U-Boot
mailing list