u-boot/common
Heinrich Schuchardt 7bae13da36 cli: avoid buffer overrun
Invoking the sandbox with

    /u-boot -c ⧵0xef⧵0xbf⧵0xbd

results in a segmentation fault.

Function b_getch() retrieves a character from the input stream. This
character may be > 0x7f. If type char is signed, static_get() will
return a negative number and in parse_stream() we will use that
negative number as an index for array map[] resulting in a buffer
overflow.

Reported-by: Harry Lockyer <harry_lockyer@tutanota.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-05-31 17:23:01 -04:00
..
eeprom SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
init global: Migrate CONFIG_MALLOC_F_ADDR to CFG 2022-12-23 10:14:51 -05:00
spl spl: Correct checking of configuration node 2023-05-31 17:23:01 -04:00
autoboot.c autoboot: Rework CONFIG_AUTOBOOT_STOP_STR_* usage 2023-01-20 12:27:06 -05:00
avb_verify.c common: avb_verify: prevent opening incorrect session 2023-02-17 10:51:28 -05:00
bloblist.c bloblist: Drop debugging 2022-10-31 11:02:44 -04:00
bmp.c common: Replace #ifdef and #if with if's 2023-04-24 21:37:45 +02:00
board_f.c arch: m68k: Introduce trivial PIT based timer 2023-04-15 21:36:07 +02:00
board_info.c board-info: Call sysinfo_detect() before sysinfo_get_str() 2021-07-14 16:48:00 -04:00
board_r.c ide: Drop init for not using BLK 2023-04-27 13:51:06 -04:00
bootstage.c bootstage: Show func name for bootstage_mark/error 2022-08-20 18:07:32 -06:00
bouncebuf.c common: bouncebuf: Use dma-mapping for cache ops 2023-01-27 12:51:27 -05:00
cli.c cli: run_commandf(): small fixups 2023-03-30 15:09:59 -04:00
cli_getch.c cli: Correct several bugs in cli_getch() 2023-03-28 09:25:51 -04:00
cli_hush.c cli: avoid buffer overrun 2023-05-31 17:23:01 -04:00
cli_readline.c cli: Correct handling of invalid escape sequences in cread_line() 2023-03-28 09:25:51 -04:00
cli_simple.c cli: Support macro processing with a fixed-size buffer 2020-12-04 16:10:01 -05:00
command.c global: Finish CONFIG -> CFG migration 2023-01-20 12:27:24 -05:00
console.c console: Use only 0x00 as line separator for console recording 2023-03-14 16:08:51 -06:00
cros_ec.c common: Drop log.h from common header 2020-05-18 21:19:18 -04:00
cyclic.c cyclic: get rid of cyclic_init() 2022-11-02 08:42:03 +01:00
ddr_spd.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
dfu.c cyclic: Use schedule() instead of WATCHDOG_RESET() 2022-09-18 10:26:33 +02:00
dlmalloc.c dlmalloc: Fix a warning with clang-15 2023-03-22 15:22:48 -04:00
dlmalloc.src Consolidate bool type 2013-04-01 16:33:52 -04:00
edid.c doc: replace @return by Return: 2022-01-19 18:11:34 +01:00
event.c Correct SPL uses of NEEDS_MANUAL_RELOC 2023-02-10 07:41:39 -05:00
exports.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
fdt_simplefb.c common: static fdt_simplefb_enable_existing_node() 2023-04-28 11:30:17 -06:00
fdt_support.c fdt_support: fix comments syntax error 2023-04-28 11:52:38 -06:00
flash.c Audit <flash.h> inclusion 2022-08-04 16:18:47 -04:00
hash.c Correct SPL use of CMD_SHA1SUM 2023-02-09 16:32:26 -05:00
hwconfig.c hwconfig: Allow to use restricted env 2022-08-20 18:12:51 -04:00
iomux.c IOMUX: Fix buffer overflow in iomux_replace_device() 2021-04-27 08:05:30 -04:00
iotrace.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
kallsyms.c global: Convert simple_strtoul() with hex to hextoul() 2021-08-02 13:32:14 -04:00
Kconfig - enable video support in SPL 2023-05-05 09:36:08 -04:00
kgdb.c common: board_r: drop initr_kgdb wrapper 2022-01-18 08:31:02 -05:00
kgdb_stubs.c common: Drop asm/ptrace.h from common header 2020-05-18 21:19:23 -04:00
log.c log: Add a category for filesystems 2023-02-06 13:04:53 -05:00
log_console.c log: Allow padding of the function name 2021-07-21 10:27:35 -06:00
log_syslog.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
main.c binman: add sign option for binman 2023-03-14 16:08:51 -06:00
Makefile common: Makefile: Rule to compile bmp.c 2023-04-24 21:37:45 +02:00
malloc_simple.c malloc: Annotate allocator for valgrind 2022-04-11 10:00:30 -04:00
memsize.c Merge branch 'next' 2023-01-09 11:30:08 -05:00
menu.c eficonfig: CTRL+S to save the boot order 2023-02-10 13:05:39 +01:00
miiphyutil.c Convert CONFIG_PHY_RESET_DELAY to Kconfig 2022-03-25 12:01:15 +00:00
qfw.c qemu: Move qfw kernel setup into a common file 2023-02-06 13:04:53 -05:00
s_record.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
scp03.c common: SCP03 control (enable and provision of keys) 2021-03-13 13:14:52 -05:00
splash.c common: Replace #ifdef and #if with if's 2023-04-24 21:37:45 +02:00
splash_source.c splash: get devpart from environment variable 2022-10-30 20:01:40 +01:00
stackprot.c Add support for stack-protector 2021-04-20 07:31:12 -04:00
stdio.c video: Rename CONFIG_DM_VIDEO to CONFIG_VIDEO 2022-10-30 20:07:17 +01:00
system_map.c Add support for Linux-like kallsysms 2009-06-12 20:45:48 +02:00
update.c common/update: Finish Kconfig migration 2023-01-20 12:27:06 -05:00
usb.c usb: Add 1ms delay after first Get Descriptor request 2022-11-03 23:36:48 +01:00
usb_hub.c usb: Drop unused ehci-faraday driver 2023-02-07 14:33:50 -05:00
usb_kbd.c cyclic: Use schedule() instead of WATCHDOG_RESET() 2022-09-18 10:26:33 +02:00
usb_onboard_hub.c usb: onboard-hub: add driver to manage onboard hub supplies 2023-01-12 16:19:53 +01:00
usb_storage.c usb: storage: continue probe on "Invalid device" 2022-11-04 12:22:45 +01:00
xyzModem.c cyclic: Use schedule() instead of WATCHDOG_RESET() 2022-09-18 10:26:33 +02:00