[PATCH 1/5] tiny-printf: Handle NULL pointer argument to %s
Benedikt Spranger
b.spranger at linutronix.de
Fri Oct 18 10:30:02 CEST 2024
A NULL pointer argument to %s causes a NULL pointer dereference in the
fixed width numerical printout code, since p is overwritten with NULL.
In case of %s width is 0. Check width before dereferencing the pointer.
Signed-off-by: Benedikt Spranger <b.spranger at linutronix.de>
Reviewed-by: John Ogness <john.ogness at linutronix.de>
---
lib/tiny-printf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/tiny-printf.c b/lib/tiny-printf.c
index 9a70c6095b3..b2f31c4004a 100644
--- a/lib/tiny-printf.c
+++ b/lib/tiny-printf.c
@@ -311,7 +311,7 @@ static int _vprintf(struct printf_info *info, const char *fmt, va_list va)
*info->bf = 0;
info->bf = p;
- while (*info->bf++ && width > 0)
+ while (width > 0 && info->bf && *info->bf++)
width--;
while (width-- > 0)
info->putc(info, lz ? '0' : ' ');
--
2.45.2
More information about the U-Boot
mailing list