From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rini Date: Tue, 8 Dec 2015 18:32:55 -0500 Subject: [U-Boot] [PATCH 1/3] serial-uclass.c: Copy at most sdev.name - 1 characters into the buffer In-Reply-To: References: Message-ID: <20151208233255.GG667@bill-the-cat> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Tue, Dec 08, 2015 at 12:35:18PM -0700, Simon Glass wrote: > On 7 December 2015 at 20:26, Tom Rini wrote: > > Coverity notes that we do not ensure a NULL terminated string here as we > > could fill the entire buffer with our strncpy call. Fix this by > > subtracting one. > > > > Reported-by: Coverity (CID 131093) > > Cc: Simon Glass > > Signed-off-by: Tom Rini > > --- > > drivers/serial/serial-uclass.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > Reviewed-by: Simon Glass > > > > > diff --git a/drivers/serial/serial-uclass.c b/drivers/serial/serial-uclass.c > > index 842f78b..2ef82b0 100644 > > --- a/drivers/serial/serial-uclass.c > > +++ b/drivers/serial/serial-uclass.c > > @@ -324,7 +324,7 @@ static int serial_post_probe(struct udevice *dev) > > return 0; > > memset(&sdev, '\0', sizeof(sdev)); > > > > - strncpy(sdev.name, dev->name, sizeof(sdev.name)); > > + strncpy(sdev.name, dev->name, sizeof(sdev.name) - 1); > > There is also strlcpy() if you want it. Ah good. Yeah, I think I should v2 this patch and use strlcpy as there's going to be many more of these I bet to come. -- Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: