[PATCH] image: Ensure image header name is null terminated

Simon Glass sjg at chromium.org
Thu Sep 15 00:39:19 CEST 2022


Hi,

On Wed, 14 Sept 2022 at 16:11, Tom Rini <trini at konsulko.com> wrote:
>
> On Tue, Aug 23, 2022 at 03:59:07PM +1000, Joel Stanley wrote:
>
> > When building with GCC 12:
> >
> > ../include/image.h:779:9: warning: ‘strncpy’ specified bound 32 equals destination size [-Wstringop-truncation]
> >   779 |         strncpy(image_get_name(hdr), name, IH_NMLEN);
> >       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> > Ensure the copied string is null terminated by always setting the final
> > byte to 0. Shorten the strncpy to IH_NMLEN-1 as we will always overwrite
> > the last byte.
> >
> > We can't use strlcpy as this is code is built on the host as well as the
> > target.
> >
> > Fixes: b97a2a0a21f2 ("[new uImage] Define a API for image handling operations")
> > Signed-off-by: Joel Stanley <joel at jms.id.au>
>
> So this breaks some tests:
> https://source.denx.de/u-boot/u-boot/-/jobs/496773#L201
> and it's not clear to me if the problem is the tests or the fix itself
> (should we be doing a buffer of IH_NMLEN+1 and ensuring that's NULL
> terminated? I don't know).

My reading of it is that the field is of length IH_NMLEN and there is
only a terminator if the string is shorter than that.

So I don't think this patch is correct / needed. Perhaps we can find a
way to silence the warning, e.g. using memcyp(xx,yy, min(IH_NMLEN,
strnlen(yy, ...) + 1)) ?

Regards,
Simon


More information about the U-Boot mailing list