From 068af6f843844319dc4d5c76020d311a69000482 Mon Sep 17 00:00:00 2001 From: Sonny Rao Date: Mon, 10 Oct 2011 09:22:31 +0000 Subject: Make printf and vprintf safe from buffer overruns From: Sonny Rao utilize the added vscnprintf functions to avoid buffer overruns The implementation is fairly dumb in that it doesn't detect that the buffer is too small, but at least will not cause crashes. Signed-off-by: Sonny Rao --- common/console.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'common') diff --git a/common/console.c b/common/console.c index d34a0f4d87d..1d9fd7ff42b 100644 --- a/common/console.c +++ b/common/console.c @@ -212,7 +212,7 @@ int serial_printf(const char *fmt, ...) /* For this to work, printbuffer must be larger than * anything we ever want to print. */ - i = vsprintf(printbuffer, fmt, args); + i = vscnprintf(printbuffer, sizeof(printbuffer), fmt, args); va_end(args); serial_puts(printbuffer); @@ -281,7 +281,7 @@ int fprintf(int file, const char *fmt, ...) /* For this to work, printbuffer must be larger than * anything we ever want to print. */ - i = vsprintf(printbuffer, fmt, args); + i = vscnprintf(printbuffer, sizeof(printbuffer), fmt, args); va_end(args); /* Send to desired file */ @@ -434,7 +434,7 @@ int printf(const char *fmt, ...) /* For this to work, printbuffer must be larger than * anything we ever want to print. */ - i = vsprintf(printbuffer, fmt, args); + i = vscnprintf(printbuffer, sizeof(printbuffer), fmt, args); va_end(args); /* Print the string */ @@ -455,7 +455,7 @@ int vprintf(const char *fmt, va_list args) /* For this to work, printbuffer must be larger than * anything we ever want to print. */ - i = vsprintf(printbuffer, fmt, args); + i = vscnprintf(printbuffer, sizeof(printbuffer), fmt, args); /* Print the string */ puts(printbuffer); @@ -522,7 +522,7 @@ inline void dbg(const char *fmt, ...) /* For this to work, printbuffer must be larger than * anything we ever want to print. */ - i = vsprintf(printbuffer, fmt, args); + i = vsnprintf(printbuffer, sizeof(printbuffer), fmt, args); va_end(args); if ((screen + sizeof(screen) - 1 - cursor) -- cgit v1.2.3 From a97f6efdb1b4281d9e733a7b73735c5ed2e5cfcb Mon Sep 17 00:00:00 2001 From: Andreas Bießmann Date: Thu, 15 Dec 2011 09:56:53 +0100 Subject: cmd_sf.c: fix printf() length modifier size_t is not always 'unsigned int', use corret length modifer. This patch fixes following warning: ---8<--- cmd_sf.c: In function 'spi_flash_update_block': cmd_sf.c:130: warning: format '%#x' expects type 'unsigend int', but argument 4 has type 'size_t' cmd_sf.c:135: warning: format '%x' expects type 'unsigned int', but argument 3 has type 'size_t' --->8--- Signed-off-by: Andreas Bießmann cc: Mike Frysinger cc: Thomas Chou Acked-by: Mike Frysinger --- common/cmd_sf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'common') diff --git a/common/cmd_sf.c b/common/cmd_sf.c index 72256567d32..612fd18617a 100644 --- a/common/cmd_sf.c +++ b/common/cmd_sf.c @@ -127,12 +127,12 @@ static int do_spi_flash_probe(int argc, char * const argv[]) static const char *spi_flash_update_block(struct spi_flash *flash, u32 offset, size_t len, const char *buf, char *cmp_buf, size_t *skipped) { - debug("offset=%#x, sector_size=%#x, len=%#x\n", + debug("offset=%#x, sector_size=%#x, len=%#zx\n", offset, flash->sector_size, len); if (spi_flash_read(flash, offset, len, cmp_buf)) return "read"; if (memcmp(cmp_buf, buf, len) == 0) { - debug("Skip region %x size %x: no change\n", + debug("Skip region %x size %zx: no change\n", offset, len); *skipped += len; return NULL; -- cgit v1.2.3