[U-Boot] [PATCH 3/8] sandbox: Use memcpy() to move overlapping regions

Simon Glass sjg at chromium.org
Sat Jun 9 18:22:29 UTC 2018


The use of strcpy() to remove characters at the start of a string is safe
in U-Boot, since we know the implementation. But in os.c we are using the
C library's strcpy() function, where this behaviour is not permitted.

Update the code to use memcpy() instead.

Reported-by: Coverity (CID: 173279)

Signed-off-by: Simon Glass <sjg at chromium.org>
---

 arch/sandbox/cpu/os.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/sandbox/cpu/os.c b/arch/sandbox/cpu/os.c
index 5839932b00..496a8f9bd8 100644
--- a/arch/sandbox/cpu/os.c
+++ b/arch/sandbox/cpu/os.c
@@ -587,7 +587,8 @@ int os_find_u_boot(char *fname, int maxlen)
 	/* Look for 'u-boot' in the parent directory of spl/ */
 	p = strstr(fname, "/spl/");
 	if (p) {
-		strcpy(p, p + 4);
+		/* Remove the "/spl" characters */
+		memmove(p, p + 4, strlen(p + 4) + 1);
 		fd = os_open(fname, O_RDONLY);
 		if (fd >= 0) {
 			close(fd);
-- 
2.18.0.rc1.242.g61856ae69a-goog



More information about the U-Boot mailing list