Message ID | 1450843689-25328-1-git-send-email-van.freenix@gmail.com |
---|---|
State | Accepted |
Delegated to: | Tom Rini |
Headers | show |
On Wed, Dec 23, 2015 at 12:08:09PM +0800, Peng Fan wrote: > From: Peng Fan <peng.fan@nxp.com> > > Use snprintf to replace sprintf. > > Coverity log: > " > Unbounded source buffer (STRING_SIZE) > string_size: Passing string init_val of unknown size to sprintf. > " > > Reported-by: Coverity > Signed-off-by: Peng Fan <peng.fan@nxp.com> > Cc: Tom Rini <trini@konsulko.com> > Cc: Simon Glass <sjg@chromium.org> > Reviewed-by: Joe Hershberger <joe.hershberger@ni.com> Applied to u-boot/master, thanks!
diff --git a/common/cmd_nvedit.c b/common/cmd_nvedit.c index f4c2523..3d295d1 100644 --- a/common/cmd_nvedit.c +++ b/common/cmd_nvedit.c @@ -594,7 +594,7 @@ static int do_env_edit(cmd_tbl_t *cmdtp, int flag, int argc, /* Set read buffer to initial value or empty sting */ init_val = getenv(argv[1]); if (init_val) - sprintf(buffer, "%s", init_val); + snprintf(buffer, CONFIG_SYS_CBSIZE, "%s", init_val); else buffer[0] = '\0';