Am 09.11.2018 um 16:05 schrieb Simon Glass sjg@chromium.org:
The use of strcpy() to remove characters at the start of a string is safe in U-Boot, since we know the implementation. But in os.c we are using the C library's strcpy() function, where this behaviour is not permitted.
Update the code to use memcpy() instead.
Memmove, no? :)
Alex
Reported-by: Coverity (CID: 173279) Signed-off-by: Simon Glass sjg@chromium.org
Changes in v2:
- Also remove the leading / from the "/spl" path
- Correct the string calculation
arch/sandbox/cpu/os.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/arch/sandbox/cpu/os.c b/arch/sandbox/cpu/os.c index 07e46471fe5..04669bfc177 100644 --- a/arch/sandbox/cpu/os.c +++ b/arch/sandbox/cpu/os.c @@ -641,9 +641,10 @@ int os_find_u_boot(char *fname, int maxlen) }
/* Look for 'u-boot' in the parent directory of spl/ */
- p = strstr(fname, "/spl/");
- p = strstr(fname, "spl/"); if (p) {
strcpy(p, p + 4);
/* Remove the "spl" characters */memmove(p, p + 4, strlen(p + 4) + 1); fd = os_open(fname, O_RDONLY); if (fd >= 0) { close(fd);-- 2.19.1.930.g4563a0d9d0-goog