From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rini Date: Wed, 26 Oct 2016 17:49:01 -0400 Subject: [U-Boot] [PATCH 2/2] image: Protect against overflow in unknown_msg() In-Reply-To: <1477509552-9047-2-git-send-email-sjg@chromium.org> References: <1477509552-9047-1-git-send-email-sjg@chromium.org> <1477509552-9047-2-git-send-email-sjg@chromium.org> Message-ID: <20161026214901.GD18591@bill-the-cat> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Wed, Oct 26, 2016 at 01:19:12PM -0600, Simon Glass wrote: > Coverity complains that this can overflow. If we later increase the size > of one of the strings in the table, it could happen. > > Adjust the code to protect against this. > > Signed-off-by: Simon Glass > Reported-by: Coverity (CID: 150964) > --- > > common/image.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/common/image.c b/common/image.c > index 0e86c13..dfd1779 100644 > --- a/common/image.c > +++ b/common/image.c > @@ -584,13 +584,14 @@ const table_entry_t *get_table_entry(const table_entry_t *table, int id) > } > return NULL; > } > +#include > > static const char *unknown_msg(enum ih_category category) > { > static char msg[30]; > > strcpy(msg, "Unknown "); > - strcat(msg, table_info[category].desc); > + strncat(msg, table_info[category].desc, sizeof(msg) - 1); > > return msg; > } We should add the include up top with the others :) -- Tom
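Review bot: The bound passed to strncat() in unknown_msg() does not prevent the overflow, because the third argument limits how many bytes are appended from the source, not the total size of the destination. msg already holds the 8 characters of "Unknown ", so `sizeof(msg) - 1` still permits 29 appended characters plus the terminating NUL, which is 38 bytes written into the 30-byte buffer. Bound the append by the space that remains, `sizeof(msg) - strlen(msg) - 1`, or build the string with a single snprintf(msg, sizeof(msg), "Unknown %s", ...) so a longer desc is truncated. The new #include is also placed mid-file after get_table_entry(); it belongs in the include block at the top of common/image.c.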