[PATCH] fastboot: Fix off by 1 error

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] fastboot: Fix off by 1 error
@ 2025-07-17  8:43 Andrew Goodbody
  2025-07-18  8:08 ` Mattijs Korpershoek
  2025-07-22 19:46 ` Tom Rini
  0 siblings, 2 replies; 3+ messages in thread
From: Andrew Goodbody @ 2025-07-17  8:43 UTC (permalink / raw)
  To: Mattijs Korpershoek, Tom Rini; +Cc: u-boot, Andrew Goodbody

strlen only reports length of string not including terminating 0 byte
but this has to be included in length of receiving buffer on copy so
adjust length check to be correct.

This issue found by Smatch.

Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
---
 drivers/fastboot/fb_command.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/fastboot/fb_command.c b/drivers/fastboot/fb_command.c
index 2cdbac50ac4..df6e2a81cd5 100644
--- a/drivers/fastboot/fb_command.c
+++ b/drivers/fastboot/fb_command.c
@@ -405,7 +405,7 @@ static void __maybe_unused run_acmd(char *cmd_parameter, char *response)
 		return;
 	}
 
-	if (strlen(cmd_parameter) > sizeof(g_a_cmd_buff)) {
+	if (strlen(cmd_parameter) >= sizeof(g_a_cmd_buff)) {
 		pr_err("too long command\n");
 		fastboot_fail("too long command", response);
 		return;

---
base-commit: 3b4604a40b9fd61b87e9d059fc56f04d36f1a380
change-id: 20250717-fb_command-275ca03b1f03

Best regards,
-- 
Andrew Goodbody <andrew.goodbody@linaro.org>


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] fastboot: Fix off by 1 error
  2025-07-17  8:43 [PATCH] fastboot: Fix off by 1 error Andrew Goodbody
@ 2025-07-18  8:08 ` Mattijs Korpershoek
  2025-07-22 19:46 ` Tom Rini
  1 sibling, 0 replies; 3+ messages in thread
From: Mattijs Korpershoek @ 2025-07-18  8:08 UTC (permalink / raw)
  To: Andrew Goodbody, Tom Rini; +Cc: u-boot, Andrew Goodbody

Hi Andrew,

Thank you for the patch.

On Thu, Jul 17, 2025 at 09:43, Andrew Goodbody <andrew.goodbody@linaro.org> wrote:

> strlen only reports length of string not including terminating 0 byte
> but this has to be included in length of receiving buffer on copy so
> adjust length check to be correct.
>
> This issue found by Smatch.

This issue was*

>
> Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>

Good catch!

Reviewed-by: Mattijs Korpershoek <mkorpershoek@kernel.org>

> ---
>  drivers/fastboot/fb_command.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/fastboot/fb_command.c b/drivers/fastboot/fb_command.c
> index 2cdbac50ac4..df6e2a81cd5 100644
> --- a/drivers/fastboot/fb_command.c
> +++ b/drivers/fastboot/fb_command.c
> @@ -405,7 +405,7 @@ static void __maybe_unused run_acmd(char *cmd_parameter, char *response)
>  		return;
>  	}
>  
> -	if (strlen(cmd_parameter) > sizeof(g_a_cmd_buff)) {
> +	if (strlen(cmd_parameter) >= sizeof(g_a_cmd_buff)) {
>  		pr_err("too long command\n");
>  		fastboot_fail("too long command", response);
>  		return;
>
> ---
> base-commit: 3b4604a40b9fd61b87e9d059fc56f04d36f1a380
> change-id: 20250717-fb_command-275ca03b1f03
>
> Best regards,
> -- 
> Andrew Goodbody <andrew.goodbody@linaro.org>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] fastboot: Fix off by 1 error
  2025-07-17  8:43 [PATCH] fastboot: Fix off by 1 error Andrew Goodbody
  2025-07-18  8:08 ` Mattijs Korpershoek
@ 2025-07-22 19:46 ` Tom Rini
  1 sibling, 0 replies; 3+ messages in thread
From: Tom Rini @ 2025-07-22 19:46 UTC (permalink / raw)
  To: Mattijs Korpershoek, Andrew Goodbody; +Cc: u-boot

On Thu, 17 Jul 2025 09:43:29 +0100, Andrew Goodbody wrote:

> strlen only reports length of string not including terminating 0 byte
> but this has to be included in length of receiving buffer on copy so
> adjust length check to be correct.
> 
> This issue found by Smatch.
> 
> 
> [...]

Applied to u-boot/master, thanks!

[1/1] fastboot: Fix off by 1 error
      commit: 23d2c182d4be9f993a4e4d8f4fc6293e4d5a9ff8
-- 
Tom



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-07-22 19:47 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-17  8:43 [PATCH] fastboot: Fix off by 1 error Andrew Goodbody
2025-07-18  8:08 ` Mattijs Korpershoek
2025-07-22 19:46 ` Tom Rini

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.