diff options
author | Jacob Garber <jgarber1@ualberta.ca> | 2019-05-08 09:32:00 -0600 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-05-13 09:14:42 +0000 |
commit | 554e55b0f07e7913afad6b374e30661df9db617a (patch) | |
tree | 4330d8e62a54a9513de655d225c46d4676f26df1 | |
parent | cb6f6a10b3223dce446a1ce8e01cba0357b55b91 (diff) |
util/kconfig: Use snprintf to avoid buffer overflow
'name' and 'env' are supposed to be file system paths,
but could overflow the buffer if configured incorrectly.
Let's avoid that entirely.
Found-by: Coverity Scan #1362515
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Change-Id: I1aef36819d49ebcbde1c51995dc0961c85e74150
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32686
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
-rw-r--r-- | util/kconfig/zconf.l | 3 | ||||
-rw-r--r-- | util/kconfig/zconf.lex.c_shipped | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/util/kconfig/zconf.l b/util/kconfig/zconf.l index 0b45c19db9..f2636d2955 100644 --- a/util/kconfig/zconf.l +++ b/util/kconfig/zconf.l @@ -273,7 +273,8 @@ FILE *zconf_fopen(const char *name) if (!f && name != NULL && name[0] != '/') { env = getenv(SRCTREE); if (env) { - sprintf(fullname, "%s/%s", env, name); + snprintf(fullname, sizeof(fullname), + "%s/%s", env, name); f = fopen(fullname, "r"); } } diff --git a/util/kconfig/zconf.lex.c_shipped b/util/kconfig/zconf.lex.c_shipped index 72e3a5fca2..4133f71dd2 100644 --- a/util/kconfig/zconf.lex.c_shipped +++ b/util/kconfig/zconf.lex.c_shipped @@ -2351,7 +2351,8 @@ FILE *zconf_fopen(const char *name) if (!f && name != NULL && name[0] != '/') { env = getenv(SRCTREE); if (env) { - sprintf(fullname, "%s/%s", env, name); + snprintf(fullname, sizeof(fullname), + "%s/%s", env, name); f = fopen(fullname, "r"); } } |