[PATCH] mkimage: fit: Simplify tmpfile name calculation

Sean Anderson sean.anderson at seco.com
Fri Apr 8 22:33:58 CEST 2022


Hi Heinrich,

On 4/8/22 4:25 PM, Heinrich Schuchardt wrote:
> On 4/8/22 21:45, Sean Anderson wrote:
>> snprintf will not overrun the buffer, and will return the number of
>> characters which would have been printed (had the buffer been large
>> enough). This allows us to create the tmpfile name and check for
>> overflow in one pass.
>>
>> Signed-off-by: Sean Anderson <sean.anderson at seco.com>
>> ---
>>
>>   tools/fit_image.c | 5 ++---
>>   1 file changed, 2 insertions(+), 3 deletions(-)
>>
>> diff --git a/tools/fit_image.c b/tools/fit_image.c
>> index 1884a2eb0b..0d5a6a28f9 100644
>> --- a/tools/fit_image.c
>> +++ b/tools/fit_image.c
>> @@ -684,14 +684,13 @@ static int fit_handle_file(struct image_tool_params *params)
>>       debug ("FIT format handling\n");
>>
>>       /* call dtc to include binary properties into the tmp file */
>> -    if (strlen (params->imagefile) +
>> -        strlen (MKIMAGE_TMPFILE_SUFFIX) + 1 > sizeof (tmpfile)) {
>> +    if (snprintf(tmpfile, sizeof(tmpfile), "%s%s", params->imagefile,
>> +             MKIMAGE_TMPFILE_SUFFIX) >= sizeof(tmpfile)) {
> 
> params->imagefile is not a mere file name but a path to a file which may
> be PATH_MAX (typically 4096) characters long. Don't impose a 256
> character limit. Use PATH_MAX instead of any other limit.

Send a patch to change MKIMAGE_MAX_TMPFILE_LEN to PATH_MAX :)

> Anyway it would be better to avoid superfluous file operations and write
> to the output file only.

Yes, probably, but I don't have time to refactor it right now.

--Sean


More information about the U-Boot mailing list