From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rini Date: Sat, 9 Jan 2016 09:03:59 -0500 Subject: [U-Boot] [PATCH] common: cli_simple: use strncpy instead of strcpy In-Reply-To: <1452346308-16676-1-git-send-email-van.freenix@gmail.com> References: <1452346308-16676-1-git-send-email-van.freenix@gmail.com> Message-ID: <20160109140359.GC3359@bill-the-cat> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Sat, Jan 09, 2016 at 09:31:48PM +0800, Peng Fan wrote: > Report Coverity log: > Destination buffer too small (STRING_OVERFLOW) > string_overflow: You might overrun the 1024 byte destination string > lastcommand by writing 1025 bytes from console_buffer > > Signed-off-by: Peng Fan > Cc: Heiko Schocher > Cc: Simon Glass > Cc: Tom Rini > --- > common/cli_simple.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/common/cli_simple.c b/common/cli_simple.c > index 9c3d073..c51f963 100644 > --- a/common/cli_simple.c > +++ b/common/cli_simple.c > @@ -276,7 +276,8 @@ void cli_simple_loop(void) > > flag = 0; /* assume no special flags for now */ > if (len > 0) > - strcpy(lastcommand, console_buffer); > + strncpy(lastcommand, console_buffer, > + CONFIG_SYS_CBSIZE + 1); > else if (len == 0) > flag |= CMD_FLAG_REPEAT; > #ifdef CONFIG_BOOT_RETRY_TIME So, long term I would like to see use move to using strlcpy for the normal case (it might not make sense when working with various defined protocols, etc). Thanks! -- Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: