vsprintf.c: Always enable CONFIG_SYS_VSNPRINTF

Enabling this function always removes some class of string saftey issues. The size change here in general is about 400 bytes and this seems a reasonable trade-off. Cc: Peng Fan <peng.fan@nxp.com> Cc: Peter Robinson <pbrobinson@gmail.com> Cc: Fabio Estevam <fabio.estevam@freescale.com> Cc: Adrian Alonso <aalonso@freescale.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Tom Rini <trini@konsulko.com>
2024-11-24 21:54:01 +00:00 · 2016-01-14 13:02:03 -05:00 · 2016-01-14 13:02:03 -05:00 · 947c626dc5
commit 947c626dc5
parent 9c11135ce0
13 changed files with 0 additions and 51 deletions
--- a/9
+++ b/9
@ -890,15 +890,6 @@ The following options need to be configured:
 		'Sane' compilers will generate smaller code if
 		CONFIG_PRE_CON_BUF_SZ is a power of 2
 - Safe printf() functions
 		Define CONFIG_SYS_VSNPRINTF to compile in safe versions of
 		the printf() functions. These are defined in
 		include/vsprintf.h and include snprintf(), vsnprintf() and
 		so on. Code size increase is approximately 300-500 bytes.
 		If this option is not given then these functions will
 		silently discard their buffer size argument - this means
 		you are not getting any overflow checking in this case.
 - Boot Delay:	CONFIG_BOOTDELAY - in seconds
 		Delay before automatically booting the default image;
 		set to -1 to disable autoboot.
--- a/configs/bayleybay_defconfig
+++ b/configs/bayleybay_defconfig
@ -37,4 +37,3 @@ CONFIG_VIDEO_VESA=y
 CONFIG_FRAMEBUFFER_SET_VESA_MODE=y
 CONFIG_FRAMEBUFFER_VESA_MODE_11A=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
--- a/configs/chromebook_link_defconfig
+++ b/configs/chromebook_link_defconfig
@ -38,5 +38,4 @@ CONFIG_VIDEO_VESA=y
 CONFIG_FRAMEBUFFER_SET_VESA_MODE=y
 CONFIG_FRAMEBUFFER_VESA_MODE_11A=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
 CONFIG_TPM=y
--- a/configs/chromebox_panther_defconfig
+++ b/configs/chromebox_panther_defconfig
@ -33,5 +33,4 @@ CONFIG_VIDEO_VESA=y
 CONFIG_FRAMEBUFFER_SET_VESA_MODE=y
 CONFIG_FRAMEBUFFER_VESA_MODE_11A=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
 CONFIG_TPM=y
--- a/configs/coreboot-x86_defconfig
+++ b/configs/coreboot-x86_defconfig
@ -25,5 +25,4 @@ CONFIG_TPM_TIS_LPC=y
 CONFIG_USB=y
 CONFIG_DM_USB=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
 CONFIG_TPM=y
--- a/configs/crownbay_defconfig
+++ b/configs/crownbay_defconfig
@ -36,4 +36,3 @@ CONFIG_DM_USB=y
 CONFIG_VIDEO_VESA=y
 CONFIG_FRAMEBUFFER_SET_VESA_MODE=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
--- a/configs/galileo_defconfig
+++ b/configs/galileo_defconfig
@ -28,4 +28,3 @@ CONFIG_TIMER=y
 CONFIG_USB=y
 CONFIG_DM_USB=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
--- a/configs/minnowmax_defconfig
+++ b/configs/minnowmax_defconfig
@ -39,4 +39,3 @@ CONFIG_VIDEO_VESA=y
 CONFIG_FRAMEBUFFER_SET_VESA_MODE=y
 CONFIG_FRAMEBUFFER_VESA_MODE_11A=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
--- a/configs/qemu-x86_defconfig
+++ b/configs/qemu-x86_defconfig
@ -30,4 +30,3 @@ CONFIG_VIDEO_VESA=y
 CONFIG_FRAMEBUFFER_SET_VESA_MODE=y
 CONFIG_FRAMEBUFFER_VESA_MODE_111=y
 CONFIG_USE_PRIVATE_LIBGCC=y
 CONFIG_SYS_VSNPRINTF=y
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@ -76,7 +76,6 @@ CONFIG_USB_EMUL=y
 CONFIG_USB_STORAGE=y
 CONFIG_USB_KEYBOARD=y
 CONFIG_SYS_USB_EVENT_POLL=y
 CONFIG_SYS_VSNPRINTF=y
 CONFIG_CMD_DHRYSTONE=y
 CONFIG_TPM=y
 CONFIG_LZ4=y
--- a/include/vsprintf.h
+++ b/include/vsprintf.h
@ -124,7 +124,6 @@ int sprintf(char *buf, const char *fmt, ...)
 int vsprintf(char *buf, const char *fmt, va_list args);
 char *simple_itoa(ulong i);
 #ifdef CONFIG_SYS_VSNPRINTF
 /**
 * Format a string and place it in a buffer
 *
@ -199,17 +198,6 @@ int vsnprintf(char *buf, size_t size, const char *fmt, va_list args);
 * See the vsprintf() documentation for format string extensions over C99.
 */
 int vscnprintf(char *buf, size_t size, const char *fmt, va_list args);
 #else
 /*
 * Use macros to silently drop the size parameter. Note that the 'cn'
 * versions are the same as the 'n' versions since the functions assume
 * there is always enough buffer space when !CONFIG_SYS_VSNPRINTF
 */
 #define snprintf(buf, size, fmt, args...) sprintf(buf, fmt, ##args)
 #define scnprintf(buf, size, fmt, args...) sprintf(buf, fmt, ##args)
 #define vsnprintf(buf, size, fmt, args...) vsprintf(buf, fmt, ##args)
 #define vscnprintf(buf, size, fmt, args...) vsprintf(buf, fmt, ##args)
 #endif /* CONFIG_SYS_VSNPRINTF */
 /**
 * print_grouped_ull() - print a value with digits grouped by ','
--- a/lib/Kconfig
+++ b/lib/Kconfig
@ -27,15 +27,6 @@ config SYS_HZ
 	  get_timer() must operate in milliseconds and this option must be
 	  set to 1000.
 config SYS_VSNPRINTF
 	bool "Enable safe version of sprintf()"
 	help
 	  Since sprintf() can overflow its buffer, it is common to use
 	  snprintf() instead, which knows the buffer size and can avoid
 	  overflow. However, this does increase code size slightly (for
 	  Thumb-2, about 420 bytes). Enable this option for safety when
 	  using sprintf() with data you do not control.
 config USE_TINY_PRINTF
 	bool "Enable tiny printf() version"
 	help
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@ -141,7 +141,6 @@ static noinline char *put_dec(char *buf, uint64_t num)
 #define SMALL	32		/* Must be 32 == 0x20 */
 #define SPECIAL	64		/* 0x */
 #ifdef CONFIG_SYS_VSNPRINTF
 /*
 * Macro to add a new character to our output string, but only if it will
 * fit. The macro moves to the next character position in the output string.
@ -151,9 +150,6 @@ static noinline char *put_dec(char *buf, uint64_t num)
 		*(str) = (ch); \
 	++str; \
 	} while (0)
 #else
 #define ADDCH(str, ch)	(*(str)++ = (ch))
 #endif
 static char *number(char *buf, char *end, u64 num,
 		int base, int size, int precision, int type)
@ -441,13 +437,11 @@ static int vsnprintf_internal(char *buf, size_t size, const char *fmt,
 				/* 't' added for ptrdiff_t */
 	char *end = buf + size;
 #ifdef CONFIG_SYS_VSNPRINTF
 	/* Make sure end is always >= buf - do we want this in U-Boot? */
 	if (end < buf) {
 		end = ((void *)-1);
 		size = end - buf;
 	}
 #endif
 	str = buf;
 	for (; *fmt ; ++fmt) {
@ -609,21 +603,16 @@ repeat:
 			     flags);
 	}
 #ifdef CONFIG_SYS_VSNPRINTF
 	if (size > 0) {
 		ADDCH(str, '\0');
 		if (str > end)
 			end[-1] = '\0';
 		--str;
 	}
 #else
 	*str = '\0';
 #endif
 	/* the trailing null byte doesn't count towards the total */
 	return str - buf;
 }
 #ifdef CONFIG_SYS_VSNPRINTF
 int vsnprintf(char *buf, size_t size, const char *fmt,
 			      va_list args)
 {
@ -666,7 +655,6 @@ int scnprintf(char *buf, size_t size, const char *fmt, ...)
 	return i;
 }
 #endif /* CONFIG_SYS_VSNPRINT */
 /**
 * Format a string and place it in a buffer (va_list version)