[U-Boot] [PATCH V2] common: nvedit: use snprintf instead of sprintf
From: Peng Fan peng.fan@nxp.com
Use snprintf to replace sprintf.
Coverity log: " Unbounded source buffer (STRING_SIZE) string_size: Passing string init_val of unknown size to sprintf. "
Reported-by: Coverity Signed-off-by: Peng Fan peng.fan@nxp.com Cc: Tom Rini trini@konsulko.com Cc: Simon Glass sjg@chromium.org Reviewed-by: Joe Hershberger joe.hershberger@ni.com --- common/cmd_nvedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/common/cmd_nvedit.c b/common/cmd_nvedit.c index f4c2523..3d295d1 100644 --- a/common/cmd_nvedit.c +++ b/common/cmd_nvedit.c @@ -594,7 +594,7 @@ static int do_env_edit(cmd_tbl_t *cmdtp, int flag, int argc, /* Set read buffer to initial value or empty sting */ init_val = getenv(argv[1]); if (init_val) - sprintf(buffer, "%s", init_val); + snprintf(buffer, CONFIG_SYS_CBSIZE, "%s", init_val); else buffer[0] = '\0';
On Wed, Dec 23, 2015 at 12:08:09PM +0800, Peng Fan wrote:
From: Peng Fan peng.fan@nxp.com
Use snprintf to replace sprintf.
Coverity log: " Unbounded source buffer (STRING_SIZE) string_size: Passing string init_val of unknown size to sprintf. "
Reported-by: Coverity Signed-off-by: Peng Fan peng.fan@nxp.com Cc: Tom Rini trini@konsulko.com Cc: Simon Glass sjg@chromium.org Reviewed-by: Joe Hershberger joe.hershberger@ni.com
Applied to u-boot/master, thanks!
participants (2)
-
Peng Fan -
Tom Rini