From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 78E2AC433F5 for ; Mon, 6 Dec 2021 05:44:50 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 782E58307B; Mon, 6 Dec 2021 06:44:48 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="ZItaLPeo"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8EB0083075; Mon, 6 Dec 2021 06:44:46 +0100 (CET) Received: from mail-pj1-x1036.google.com (mail-pj1-x1036.google.com [IPv6:2607:f8b0:4864:20::1036]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 759868083E for ; Mon, 6 Dec 2021 06:44:42 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masami.hiramatsu@linaro.org Received: by mail-pj1-x1036.google.com with SMTP id f18-20020a17090aa79200b001ad9cb23022so5214920pjq.4 for ; Sun, 05 Dec 2021 21:44:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=Z2ROnf8FiP3NdigMZdG7gXUWT9ksrzqvxWkcZavbpuA=; b=ZItaLPeoNp92vtg80yDFiFHr4PfX0ZGn0Es8tmfDSwCltpdAJwvDLBEq8UeFFo0eQ7 ScoU3CNfznxvqZ/fxcXtmNHMCicgdU5CyNL9Ti+eyEe9AuOSRSQW723dPgr+/BW6KYEr r4y6+ZeD0cTYdfmZ0I3Aps2P5TOcD3KQt4Q7b6JwgYlrQbig2+t5Zrtxs+4YjIx8+nzo z3Y/a+QugCzDGCs+2fpYuMyoTZMuNJFu7/G8jFrAdKMBAeJf2Sl46Wf7qm41MvgY4eoL ABIVnYQTfnEuniUCrXFcZg4ymC15aViHw2W8DQ/ogm/wpV2fWMgBFvEW964jhJoOW1yk 0fAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=Z2ROnf8FiP3NdigMZdG7gXUWT9ksrzqvxWkcZavbpuA=; b=fI1IYWfbROqkH5OrqXy5tI8pyS0xqZElE19gvOw1u1rE3Yo5OOs0oBQ5kjjnVJ5T09 nvCa+FzRS2mphQ7Hfdu0CslrzeAJrECHe9Dx1/VliGT++iHNEMW+BtOQukVgFApIH320 DRpy6rzAK7CtouZz0+Fnvfx21YlXDl/1b9L3P1ZFOEZbc6RjkuajfvpzhHIkvgqHUQJ+ tXOGEF+bbE+H28bDkPGNi5XFaOmprrsvT9FnWyPP6j1rQMRzs5hZljdII62fxFOyXx7k wGoxmV9oiEkZfqtzG/PweEqPeqdvqSyafBZyisOO2PHsRixLL3F8M9oPZ2Buz1uIwQJw ipOw== X-Gm-Message-State: AOAM5335glg3nZ5oUS8SwFaDSpkvjAQPQnWazJE0ACC9bNwWdkotpJrZ 4Ors2REDXCi4juD0quNaozlqFg== X-Google-Smtp-Source: ABdhPJxRdBEM1SPDhvvW3wmULlMtm8jcHxWEe3aeSTmxUnqhIRnp3qabTOxYCI3pXX0gup0v5eMIag== X-Received: by 2002:a17:90a:1a55:: with SMTP id 21mr34670644pjl.240.1638769480898; Sun, 05 Dec 2021 21:44:40 -0800 (PST) Received: from localhost.localdomain (122x208x150x49.ap122.ftth.ucom.ne.jp. [122.208.150.49]) by smtp.gmail.com with ESMTPSA id w142sm10523644pfc.115.2021.12.05.21.44.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 05 Dec 2021 21:44:40 -0800 (PST) From: Masami Hiramatsu To: Lukasz Majewski Cc: u-boot@lists.denx.de, ilias.apalodimas@linaro.org, sughosh.ganu@linaro.org, jaswinder.singh@linaro.org Subject: [PATCH 1/5] DFU: Do not copy the entity name over the buffer size Date: Mon, 6 Dec 2021 14:44:38 +0900 Message-Id: <163876947800.38238.12205367138412196203.stgit@localhost> X-Mailer: git-send-email 2.25.1 In-Reply-To: <163876946986.38238.10896882043017582609.stgit@localhost> References: <163876946986.38238.10896882043017582609.stgit@localhost> User-Agent: StGit/0.19 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.38 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Use strlcpy() instead of strcpy() to prevent copying the entity name over the name buffer size. Signed-off-by: Masami Hiramatsu --- drivers/dfu/dfu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/dfu/dfu.c b/drivers/dfu/dfu.c index af3975925a..66c41b5e76 100644 --- a/drivers/dfu/dfu.c +++ b/drivers/dfu/dfu.c @@ -503,7 +503,7 @@ static int dfu_fill_entity(struct dfu_entity *dfu, char *s, int alt, debug("%s: %s interface: %s dev: %s\n", __func__, s, interface, devstr); st = strsep(&s, " "); - strcpy(dfu->name, st); + strlcpy(dfu->name, st, DFU_NAME_SIZE); dfu->alt = alt; dfu->max_buf_size = 0;