easylogo: avoid buffer overrun
authorHeinrich Schuchardt <xypron.glpk@gmx.de>
Thu, 15 Aug 2019 21:54:15 +0000 (23:54 +0200)
committerTom Rini <trini@konsulko.com>
Tue, 20 Aug 2019 16:20:33 +0000 (12:20 -0400)
Building easylogo with `HOST_TOOLS_ALL=y make tools` results in a build
warning due to a possible buffer overrun:

tools/easylogo/easylogo.c:453:4: note: ‘sprintf’ output between 7 and
262 bytes into a destination of size 256
    sprintf (str, "%s, 0x%02x", app, *dataptr++);
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Truncate the output to fit into the destination buffer.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
tools/easylogo/easylogo.c

index 4ba86bf76076fa0886dbdc4782d15c319c34f3db..ed4bf203dd87e90191f702dc22b8bdb0c7c98e95 100644 (file)
@@ -450,7 +450,8 @@ int image_save_header (image_t * image, char *filename, char *varname)
 
                default:
                        strcpy (app, str);
-                       sprintf (str, "%s, 0x%02x", app, *dataptr++);
+                       sprintf(str, "%.*s, 0x%02x", (int)sizeof(str) - 7, app,
+                               *dataptr++);
                        col++;
                        count--;
                        break;