From patchwork Thu Aug 22 19:58:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Heinrich Schuchardt X-Patchwork-Id: 1151774 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=gmx.de Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; secure) header.d=gmx.net header.i=@gmx.net header.b="N6ZMHSg0"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 46DwMd4DdPz9sMr for ; Fri, 23 Aug 2019 05:58:51 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id C0DADC220D7; Thu, 22 Aug 2019 19:58:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=FREEMAIL_FROM, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 3E10FC22066; Thu, 22 Aug 2019 19:58:43 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 71E07C22066; Thu, 22 Aug 2019 19:58:42 +0000 (UTC) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) by lists.denx.de (Postfix) with ESMTPS id 05F04C22047 for ; Thu, 22 Aug 2019 19:58:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1566503913; bh=u5pd6CU5Phb9WaZDI0mvgrbKO1acH3og3Hb/t40m0hI=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date; b=N6ZMHSg0/mwZ3CM7+EiQeXXoPGLF5z+zyodtYdJmxQ3oWhq0AmhbtRW9XYeDsBM0u W/QPkGw+lWJHyI2r8lfVcj/RpiA1HX8zJIyJgUYv69rYniiRPp0G2qFqXqtvWd6uiu zLXxSUiRjcTjqZbkyOhpzqxmxo7nH5wsewmO/yPU= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from LT02.fritz.box ([84.118.159.3]) by mail.gmx.com (mrgmx002 [212.227.17.184]) with ESMTPSA (Nemesis) id 0LdHqj-1iizKy1L1N-00iUxH; Thu, 22 Aug 2019 21:58:33 +0200 From: Heinrich Schuchardt To: Albert Aribaud Date: Thu, 22 Aug 2019 21:58:26 +0200 Message-Id: <20190822195826.10142-1-xypron.glpk@gmx.de> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-Provags-ID: V03:K1:A72Do6nTstYbo2ipmKVXwULOc+cmYo+G5oRdx3Py9Pr7sfatf/B 480C8qg6C6+6/lL15WySZl/0FwY9n6z5tzd2lxzhCclXErp8gTCnH2lwq1o9pzEt9wPkxUz NZDyB1n/9KY2YQ8T1c81vCAbtd97SVql5RmkUY8JEgtg43kpqEdzHtlwszWpHqbfaZMPxAv fLZu9NOZZp3SMoNawWvKw== X-UI-Out-Filterresults: notjunk:1; V03:K0:DrUJDJvyf4k=:GQMiQVgwpnlvgLCnhswuGc VtI2WZh0xncnPa7UWEczqbRMSXQeROphftNPTQ+2L08dd/20yk8a+C9Dk8NrBI4ypNhND+Jw4 LDVzfje8WTAqGCvhFp/vBLrlZOpYbQPh1pSnzuRRb1A+0yZJ/zqCF9sMtDzcR3XnZ+EqKzywG 36s6gpyZARnivQhlsyZ/tkc7haI6gLPGc3QxqsF49lEcWxG9HuO1yxQ7Ns1lylSPErBm+Lsxx hDoW8nWKsMODSD+NxGdnTlPnGH0MnUohovmahYKBVjtnUP0qR9jNu3LkaPvty4j+8pDbyshW4 iqsTVPJNXcUaUUZcOOtf95VupdzckhA4d44z95dF35yrIngTaa39hDb1t+q0x+c7qW5HZZlN+ thw92sM5kbwzuElZxA6jBcsJtMF6DihqF8HcOQ37/c6zIZ2UGqWLswYcEOAAbhyRU5cv6pn++ LHNVB5wSpkeDmUj3U7YUxKfjRUIh9VWlSysEmKoZB5QUCO4rJgIlgrPgUtglKRyz1QZfX90QY e361Z1Fe/hKHq/l2Io1LUsQnHOxuPkPv86HAoSiH9JL12QhswpVEiObCeCJF8BkrtQcMetFrn oZeZVSOep9mzE7VZVCTrrB0+FNC1VjYVi9RvTduk9tdB/RwcqyGgjZpetjI/sYNFkWwfCZLyF gqVDdIj/0xV+4/WGhyjAKbb2sg0wE6hg2FHtvyTekueP66X4Te5mP/W8PHHm0XEuVvthulj4Q EnLs8KNZVY4uLuqULriufDErkKcdOv201S7GLwVkNYwr3KQnq2Sqk7WD9paBsombFaxgFWy8Y RA3tcCf50G0GorMOjIxabT8Xn0TJEsXhpgTWi+ekrmQZPWzoIXfGKTlpEwa3+syHOehuqmScR MOcjfL6AqZCoPPwIFaKMYjgROoSJcS3XzAMJzv6PPu9zAJx0Q+h8hYeNVabLq+XkuzYUiYOTb hsz+fp2RSIYdAoBihoJmDyg2ewhqaKOzT7cTdEuBG0XiMKHZ7gtedsGupJLzhtEL1b06DZkFJ hO1s+iFh/ft6l4Ux6bjLK+5hXsVH5Wn+hdFs8SXrOj7tVF7Jf2Ph3PYA9ldo5urVruAsBxoXf 5maOJIXtbdA0kLjnceaJBTFh38MKcpOI6XVBHPQ6ltgDZzm6zBbw8Ykvg== Cc: Joe Hershberger , Heinrich Schuchardt , u-boot@lists.denx.de Subject: [U-Boot] [PATCH 1/1] siemens: avoid out of bound access X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" char num[1]; sprintf(num, "%d", i); leads to a buffer overrun. Simplify the overly complex coding. Signed-off-by: Heinrich Schuchardt Reviewed-by: Bin Meng Acked-by: Heiko Schocher --- board/siemens/common/board.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) -- 2.20.1 diff --git a/board/siemens/common/board.c b/board/siemens/common/board.c index 676935a843..75462d1c34 100644 --- a/board/siemens/common/board.c +++ b/board/siemens/common/board.c @@ -189,14 +189,11 @@ void set_env_gpios(unsigned char state) { char *ptr_env; char str_tmp[5]; /* must contain "ledX"*/ - char num[1]; unsigned char i, idx, pos1, pos2, ccount; unsigned char gpio_n, gpio_s0, gpio_s1; for (i = 0; i < MAX_NR_LEDS; i++) { - strcpy(str_tmp, "led"); - sprintf(num, "%d", i); - strcat(str_tmp, num); + sprintf(str_tmp, "led%d", i); /* If env var is not found we stop */ ptr_env = env_get(str_tmp);