From patchwork Fri Sep 23 17:38:51 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Simon Glass <sjg@chromium.org>
X-Patchwork-Id: 116159
Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from theia.denx.de (theia.denx.de [85.214.87.163])
	by ozlabs.org (Postfix) with ESMTP id 5B810B6F82
	for <incoming@patchwork.ozlabs.org>;
	Sat, 24 Sep 2011 03:39:46 +1000 (EST)
Received: from localhost (localhost [127.0.0.1])
	by theia.denx.de (Postfix) with ESMTP id 5E99128754;
	Fri, 23 Sep 2011 19:39:44 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at theia.denx.de
Received: from theia.denx.de ([127.0.0.1])
	by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id ZPY6RNyH0Roj; Fri, 23 Sep 2011 19:39:43 +0200 (CEST)
Received: from theia.denx.de (localhost [127.0.0.1])
	by theia.denx.de (Postfix) with ESMTP id B4B0C28755;
	Fri, 23 Sep 2011 19:39:38 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by theia.denx.de (Postfix) with ESMTP id D76BE2871F
	for <u-boot@lists.denx.de>; Fri, 23 Sep 2011 19:39:31 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at theia.denx.de
Received: from theia.denx.de ([127.0.0.1])
	by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id A1R1eTQtwXUd for <u-boot@lists.denx.de>;
	Fri, 23 Sep 2011 19:39:31 +0200 (CEST)
X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5
	NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested)
Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.67])
	by theia.denx.de (Postfix) with ESMTPS id 1553728715
	for <u-boot@lists.denx.de>; Fri, 23 Sep 2011 19:39:29 +0200 (CEST)
Received: from hpaq13.eem.corp.google.com (hpaq13.eem.corp.google.com
	[172.25.149.13]) by smtp-out.google.com with ESMTP id p8NHdShH032300;
	Fri, 23 Sep 2011 10:39:28 -0700
Received: from sglass.mtv.corp.google.com (sglass.mtv.corp.google.com
	[172.22.72.144])
	by hpaq13.eem.corp.google.com with ESMTP id p8NHdQDs015159;
	Fri, 23 Sep 2011 10:39:27 -0700
Received: by sglass.mtv.corp.google.com (Postfix, from userid 121222)
	id 694DF140CED; Fri, 23 Sep 2011 10:39:26 -0700 (PDT)
From: Simon Glass <sjg@chromium.org>
To: U-Boot Mailing List <u-boot@lists.denx.de>
Date: Fri, 23 Sep 2011 10:38:51 -0700
Message-Id: <1316799532-20761-4-git-send-email-sjg@chromium.org>
X-Mailer: git-send-email 1.7.3.1
In-Reply-To: <1316799532-20761-1-git-send-email-sjg@chromium.org>
References: <1316799532-20761-1-git-send-email-sjg@chromium.org>
X-System-Of-Record: true
Cc: Sonny Rao <sonnyrao@chromium.org>
Subject: [U-Boot] [PATCH 3/4] Make printf and vprintf safe from buffer
	overruns
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <http://lists.denx.de/mailman/listinfo/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <http://lists.denx.de/pipermail/u-boot>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <http://lists.denx.de/mailman/listinfo/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=subscribe>
MIME-Version: 1.0
Sender: u-boot-bounces@lists.denx.de
Errors-To: u-boot-bounces@lists.denx.de

From: Sonny Rao <sonnyrao@chromium.org>

From: Sonny Rao <sonnyrao@chromium.org>

utilize the added vscnprintf functions to avoid buffer overruns
The implementation is fairly dumb in that it doesn't detect
that the buffer is too small, but at least will not cause crashes.

Signed-off-by: Simon Glass <sjg@chromium.org>
---
 common/console.c |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/common/console.c b/common/console.c
index 8c650e0..6057e9a 100644
--- a/common/console.c
+++ b/common/console.c
@@ -212,7 +212,7 @@ int serial_printf(const char *fmt, ...)
 	/* For this to work, printbuffer must be larger than
 	 * anything we ever want to print.
 	 */
-	i = vsprintf(printbuffer, fmt, args);
+	i = vscnprintf(printbuffer, CONFIG_SYS_PBSIZE, fmt, args);
 	va_end(args);
 
 	serial_puts(printbuffer);
@@ -281,7 +281,7 @@ int fprintf(int file, const char *fmt, ...)
 	/* For this to work, printbuffer must be larger than
 	 * anything we ever want to print.
 	 */
-	i = vsprintf(printbuffer, fmt, args);
+	i = vscnprintf(printbuffer, CONFIG_SYS_PBSIZE, fmt, args);
 	va_end(args);
 
 	/* Send to desired file */
@@ -376,7 +376,7 @@ int printf(const char *fmt, ...)
 	/* For this to work, printbuffer must be larger than
 	 * anything we ever want to print.
 	 */
-	i = vsprintf(printbuffer, fmt, args);
+	i = vscnprintf(printbuffer, CONFIG_SYS_PBSIZE, fmt, args);
 	va_end(args);
 
 	/* Print the string */
@@ -392,7 +392,7 @@ int vprintf(const char *fmt, va_list args)
 	/* For this to work, printbuffer must be larger than
 	 * anything we ever want to print.
 	 */
-	i = vsprintf(printbuffer, fmt, args);
+	i = vscnprintf(printbuffer, CONFIG_SYS_PBSIZE, fmt, args);
 
 	/* Print the string */
 	puts(printbuffer);
@@ -459,7 +459,7 @@ inline void dbg(const char *fmt, ...)
 	/* For this to work, printbuffer must be larger than
 	 * anything we ever want to print.
 	 */
-	i = vsprintf(printbuffer, fmt, args);
+	i = vsnprintf(printbuffer, CONFIG_SYS_PBSIZE, fmt, args);
 	va_end(args);
 
 	if ((screen + sizeof(screen) - 1 - cursor)