[U-Boot] [PATCH 1/1] lib: vsprintf: avoid overflow printing UTF16 strings

Simon Glass sjg at chromium.org
Sun Feb 10 09:49:03 UTC 2019


On Sat, 9 Feb 2019 at 18:08, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>
> We have to ensure while printing UTF16 strings that we do not exceed the
> end of the print buffer.
>
> Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
> ---
>  lib/vsprintf.c | 10 +++++++---
>  1 file changed, 7 insertions(+), 3 deletions(-)
>

Reviewed-by: Simon Glass <sjg at chromium.org>

Please see below.

> diff --git a/lib/vsprintf.c b/lib/vsprintf.c
> index 4213441fbf..48304607b7 100644
> --- a/lib/vsprintf.c
> +++ b/lib/vsprintf.c
> @@ -279,13 +279,17 @@ static char *string(char *buf, char *end, char *s, int field_width,
>  static char *string16(char *buf, char *end, u16 *s, int field_width,
>                 int precision, int flags)
>  {
> -       u16 *str = s ? s : L"<NULL>";
> -       ssize_t len = utf16_strnlen(str, precision);
> +       const u16 *str = s ? s : L"<NULL>";
> +       ssize_t i, len = utf16_strnlen(str, precision);
>
>         if (!(flags & LEFT))
>                 for (; len < field_width; --field_width)
>                         ADDCH(buf, ' ');
> -       utf16_utf8_strncpy(&buf, str, len);
> +       for (i = 0; i < len && buf <= end - MAX_UTF8_PER_UTF16; ++i) {

I'm a bit worried that this is overly conservative. Could utf16_get()
perhaps return the actual length?

> +               s32 s = utf16_get(&str);
> +
> +               utf8_put(s, &buf);
> +       }
>         for (; len < field_width; --field_width)
>                 ADDCH(buf, ' ');
>         return buf;
> --
> 2.20.1
>

Regards,
Simon


More information about the U-Boot mailing list