public inbox for u-boot@lists.denx.de
* [U-Boot] fat.c:707: warning: array subscript is above array bounds
@ 2008-12-13 22:13 Wolfgang Denk
  2008-12-13 22:22 ` Jean-Christophe PLAGNIOL-VILLARD
  0 siblings, 1 reply; 5+ messages in thread
From: Wolfgang Denk @ 2008-12-13 22:13 UTC (permalink / raw)
  To: u-boot

Hello,

building U-Boot with recent toolchains (like GCC-4.3.2) results in
this warning:

fat.c: In function 'read_bootsectandvi':
fat.c:707: warning: array subscript is above array bounds

The respective code looks like this:

fs/fat/fat.c:

 705         /* Terminate fs_type string. Writing past the end of vistart
 706            is ok - it's just the buffer. */
 707         vistart->fs_type[8] = '\0';

fs_type[] is declared in "include/fat.h":

typedef struct volume_info
{
        __u8 drive_number;      /* BIOS drive number */
        __u8 reserved;          /* Unused */
        __u8 ext_boot_sign;     /* 0x29 if fields below exist (DOS 3.3+) */
        __u8 volume_id[4];      /* Volume ID number */
        char volume_label[11];  /* Volume label */
        char fs_type[8];        /* Typically FAT12, FAT16, or FAT32 */
        /* Boot code comes next, all but 2 bytes to fill up sector */
        /* Boot sign comes last, 2 bytes */
} volume_info;

So the comment in fs/fat/fat.c is actually  correct,  writing  beyond
the end of the string is indeed uncritical here, but it is definitely
not really nice either.

I want to get rid of this warning message.

Any ideas how to deal with this?


Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
"It is best to regard error messages as a kind of psychological test
meant to find out how resilient you are."
 - Dr. R. Wonneberger, Kompaktführer LaTeX, Kap. 1.6: Fehlermeldungen


* [U-Boot] fat.c:707: warning: array subscript is above array bounds
  2008-12-13 22:13 [U-Boot] fat.c:707: warning: array subscript is above array bounds Wolfgang Denk
@ 2008-12-13 22:22 ` Jean-Christophe PLAGNIOL-VILLARD
  2008-12-13 22:48   ` Wolfgang Denk
  0 siblings, 1 reply; 5+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2008-12-13 22:22 UTC (permalink / raw)
  To: u-boot

On 23:13 Sat 13 Dec     , Wolfgang Denk wrote:
> Hello,
> 
> building U-Boot with recent toolchains (like GCC-4.3.2) results in
> this warning:
> 
> fat.c: In function 'read_bootsectandvi':
> fat.c:707: warning: array subscript is above array bounds
> 
> The respective code looks like this:
> 
> fs/fat/fat.c:
> 
>  705         /* Terminate fs_type string. Writing past the end of vistart
>  706            is ok - it's just the buffer. */
>  707         vistart->fs_type[8] = '\0';

why not do something like this

	*(vistart + sizeof(volume_info)) = '\0';

Best Regards,
J.


* [U-Boot] fat.c:707: warning: array subscript is above array bounds
  2008-12-13 22:22 ` Jean-Christophe PLAGNIOL-VILLARD
@ 2008-12-13 22:48   ` Wolfgang Denk
  2008-12-13 22:51     ` David Hawkins
  0 siblings, 1 reply; 5+ messages in thread
From: Wolfgang Denk @ 2008-12-13 22:48 UTC (permalink / raw)
  To: u-boot

Dear Jean-Christophe PLAGNIOL-VILLARD,

In message <20081213222225.GN15295@game.jcrosoft.org> you wrote:
>
> >  705         /* Terminate fs_type string. Writing past the end of vistart
> >  706            is ok - it's just the buffer. */
> >  707         vistart->fs_type[8] = '\0';
> 
> why not do something like this
> 
> 	*(vistart + sizeof(volume_info)) = '\0';

Because that would be terribly wrong - sizeof(volume_info)  is  >  23
(probably  24),  and  vistart  is a pointer to volume_info, so you would
probably write some 500+ bytes beyond the end of the buffer.

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
People seldom know what they want until you give them what  they  ask
for.


* [U-Boot] fat.c:707: warning: array subscript is above array bounds
  2008-12-13 22:48   ` Wolfgang Denk
@ 2008-12-13 22:51     ` David Hawkins
  2009-01-27 20:51       ` Wolfgang Denk
  0 siblings, 1 reply; 5+ messages in thread
From: David Hawkins @ 2008-12-13 22:51 UTC (permalink / raw)
  To: u-boot

Wolfgang Denk wrote:
> Dear Jean-Christophe PLAGNIOL-VILLARD,
> 
> In message <20081213222225.GN15295@game.jcrosoft.org> you wrote:
>>>  705         /* Terminate fs_type string. Writing past the end of vistart
>>>  706            is ok - it's just the buffer. */
>>>  707         vistart->fs_type[8] = '\0';
>> why not do something like this
>>
>> 	*(vistart + sizeof(volume_info)) = '\0';
> 
> Because that would be terribly wrong - sizeof(volume_info)  is  >  23
> (probably  24),  and  vistart  is a pointer to volume_info, so you would
> probably write some 500+ bytes beyond the end of the buffer.

How about something in the same vein then

char *c = vistart->fs_type;
c[8] = '\0';

Cheers,
Dave


* [U-Boot] fat.c:707: warning: array subscript is above array bounds
  2008-12-13 22:51     ` David Hawkins
@ 2009-01-27 20:51       ` Wolfgang Denk
  0 siblings, 0 replies; 5+ messages in thread
From: Wolfgang Denk @ 2009-01-27 20:51 UTC (permalink / raw)
  To: u-boot

Dear David Hawkins,

In message <49443C7F.3020003@ovro.caltech.edu> you wrote:
>
> > In message <20081213222225.GN15295@game.jcrosoft.org> you wrote:
> >>>  705         /* Terminate fs_type string. Writing past the end of vistart
> >>>  706            is ok - it's just the buffer. */
> >>>  707         vistart->fs_type[8] = '\0';
...
> How about something in the same vein then
> 
> char *c = vistart->fs_type;
> c[8] = '\0';

Thanks - this is what I actually did.

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
...though his invention worked superbly -- his theory was a crock  of
sewage from beginning to end.         - Vernor Vinge, "The Peace War"
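
Added example, not part of the original thread and not U-Boot's code: it computes the byte offsets the two suggestions in this thread would address, and shows a bounded alternative that copies fs_type into a 9-byte local buffer instead of writing one byte past the member. SECTOR_SIZE, VI_OFFSET, the function names and the sample sector are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Same member layout as the volume_info quoted in the thread. */
typedef struct volume_info {
	uint8_t drive_number;
	uint8_t reserved;
	uint8_t ext_boot_sign;
	uint8_t volume_id[4];
	char volume_label[11];
	char fs_type[8];
} volume_info;

#define SECTOR_SIZE 512
#define VI_OFFSET 36	/* assumed offset of volume_info in a FAT12/16 boot sector */

/* Byte offset addressed by `vistart + sizeof(volume_info)`: arithmetic on a
 * volume_info * is scaled by sizeof(volume_info) a second time. */
size_t scaled_offset(void)
{
	return sizeof(volume_info) * sizeof(volume_info);
}

/* Byte offset of fs_type[8] from the struct start: one past the member. */
size_t terminator_offset(void)
{
	return offsetof(volume_info, fs_type) + sizeof(((volume_info *)0)->fs_type);
}

/* Bounded alternative: copy the 8 bytes out and terminate the copy. */
void get_fs_type(const uint8_t *sector, char out[9])
{
	memcpy(out, sector + VI_OFFSET + offsetof(volume_info, fs_type), 8);
	out[8] = '\0';
}

/* Returns 1 if the sector is byte-for-byte unchanged after reading fs_type. */
int sector_untouched(void)
{
	uint8_t sector[SECTOR_SIZE], before[SECTOR_SIZE];
	char fs[9];

	memset(sector, 0xAA, sizeof(sector));	/* constructed sample sector */
	memcpy(sector + VI_OFFSET + offsetof(volume_info, fs_type), "FAT16   ", 8);
	memcpy(before, sector, sizeof(sector));
	get_fs_type(sector, fs);
	return memcmp(before, sector, sizeof(sector)) == 0 && strcmp(fs, "FAT16   ") == 0;
}
```

The char * alias adopted in the thread silences the compiler diagnostic but still stores to the first byte after the struct; the copy above leaves the sector buffer unmodified.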
