[U-Boot] [PATCH] miiphy: use strcpy() not sprintf()
In miiphy_register() the new device's name was initialised by passing a string parameter as the format string to sprintf(). As this would cause problems if it ever contained a '%' symbol, switch to using strcpy() instead.
Signed-off-by: Laurence Withers lwithers@guralp.com Cc: Andy Fleming afleming@freescale.com --- common/miiphyutil.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/common/miiphyutil.c b/common/miiphyutil.c index bcab74e..0ddf88e 100644 --- a/common/miiphyutil.c +++ b/common/miiphyutil.c @@ -141,7 +141,7 @@ void miiphy_register(const char *name, /* initalize mii_dev struct fields */ new_dev->read = legacy_miiphy_read; new_dev->write = legacy_miiphy_write; - sprintf(new_dev->name, name); + strcpy(new_dev->name, name); ldev->read = read; ldev->write = write; new_dev->priv = ldev;
Hi Laurence,
Le 14/07/2011 14:31, Laurence Withers a écrit :
In miiphy_register() the new device's name was initialised by passing a string parameter as the format string to sprintf(). As this would cause problems if it ever contained a '%' symbol, switch to using strcpy() instead.
Please use strncpy() which will also guard against overflows.
Amicalement,
On Thursday, July 14, 2011 09:49:23 Albert ARIBAUD wrote:
Le 14/07/2011 14:31, Laurence Withers a écrit :
In miiphy_register() the new device's name was initialised by passing a string parameter as the format string to sprintf(). As this would cause problems if it ever contained a '%' symbol, switch to using strcpy() instead.
Please use strncpy() which will also guard against overflows.
or BUG_ON(strlen(name) >= MDIO_NAME_LEN) -mike
On Thu, Jul 14, 2011 at 02:02:42PM -0400, Mike Frysinger wrote:
On Thursday, July 14, 2011 09:49:23 Albert ARIBAUD wrote:
Please use strncpy() which will also guard against overflows.
or BUG_ON(strlen(name) >= MDIO_NAME_LEN) -mike
Patch v3 has both. The original code did have a check for the name overflowing but BUG_ON() is IMO clearer so I switched to using it instead. I kept strncpy() in v3, rather than just strcpy(), because it makes the code robust against future edits. Thanks for the feedback.
Bye for now,
participants (3)
-
Albert ARIBAUD -
Laurence Withers -
Mike Frysinger