Mirrors/u-boot
2
0
Fork 0
mirror of https://github.com/AsahiLinux/u-boot synced 2024-11-24 21:54:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

pxe: simplify label_boot()

Browse source 
Coverity CID 131256 indicates a possible buffer overflow in label_boot().
This would only occur if the size of the downloaded file would exceed 4
GiB. But anyway we can simplify the code by using snprintf() and checking
the return value.

Addresses-Coverity-ID: 131256 ("Security best practices violations (STRING_OVERFLOW)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
This commit is contained in:
Heinrich Schuchardt 2021-11-15 19:26:51 +01:00
parent 26f6f7fb5c
commit 085cbdafca
1 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
boot/pxe_utils.c
View file

@ -532,11 +532,10 @@ static int label_boot(struct pxe_context *ctx, struct pxe_label *label)
}
initrd_addr_str = env_get("ramdisk_addr_r");
strcpy(initrd_filesize, simple_xtoa(size));
strncpy(initrd_str, initrd_addr_str, 18);
strcat(initrd_str, ":");
strncat(initrd_str, initrd_filesize, 9);
size = snprintf(initrd_str, sizeof(initrd_str), "%s:%lx",
initrd_addr_str, size);
if (size >= sizeof(initrd_str))
return 1;
}
if (get_relfile_envaddr(ctx, label->kernel, "kernel_addr_r",