diff options
author | Vladimir Serbinenko <phcoder@gmail.com> | 2013-11-26 02:41:26 +0100 |
---|---|---|
committer | Vladimir Serbinenko <phcoder@gmail.com> | 2014-01-10 18:08:16 +0100 |
commit | a37383db8081b66eafc3860ede23edbfd39ac8ad (patch) | |
tree | 3f793f4b2342aa440efe3fa649244ec064ced5d8 /src/device | |
parent | 4b5012a4a2bf804d395ae3a72c76f50c4a9189db (diff) |
Replace all occurences of sprintf with snprintf
THis reduces risks of bufer overflows.
Change-Id: I77f80e76efec16ac0a0af83d76430a8126a7602d
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Reviewed-on: http://review.coreboot.org/4279
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
Diffstat (limited to 'src/device')
-rw-r--r-- | src/device/device_util.c | 83 | ||||
-rw-r--r-- | src/device/oprom/x86emu/debug.c | 8 |
2 files changed, 50 insertions, 41 deletions
diff --git a/src/device/device_util.c b/src/device/device_util.c index cad2a06b20..38654fa586 100644 --- a/src/device/device_util.c +++ b/src/device/device_util.c @@ -231,48 +231,52 @@ const char *dev_path(device_t dev) break; case DEVICE_PATH_PCI: #if CONFIG_PCI_BUS_SEGN_BITS - sprintf(buffer, "PCI: %04x:%02x:%02x.%01x", - dev->bus->secondary >> 8, - dev->bus->secondary & 0xff, - PCI_SLOT(dev->path.pci.devfn), - PCI_FUNC(dev->path.pci.devfn)); + snprintf(buffer, sizeof (buffer), + "PCI: %04x:%02x:%02x.%01x", + dev->bus->secondary >> 8, + dev->bus->secondary & 0xff, + PCI_SLOT(dev->path.pci.devfn), + PCI_FUNC(dev->path.pci.devfn)); #else - sprintf(buffer, "PCI: %02x:%02x.%01x", - dev->bus->secondary, - PCI_SLOT(dev->path.pci.devfn), - PCI_FUNC(dev->path.pci.devfn)); + snprintf(buffer, sizeof (buffer), + "PCI: %02x:%02x.%01x", + dev->bus->secondary, + PCI_SLOT(dev->path.pci.devfn), + PCI_FUNC(dev->path.pci.devfn)); #endif break; case DEVICE_PATH_PNP: - sprintf(buffer, "PNP: %04x.%01x", - dev->path.pnp.port, dev->path.pnp.device); + snprintf(buffer, sizeof (buffer), "PNP: %04x.%01x", + dev->path.pnp.port, dev->path.pnp.device); break; case DEVICE_PATH_I2C: - sprintf(buffer, "I2C: %02x:%02x", - dev->bus->secondary, - dev->path.i2c.device); + snprintf(buffer, sizeof (buffer), "I2C: %02x:%02x", + dev->bus->secondary, + dev->path.i2c.device); break; case DEVICE_PATH_APIC: - sprintf(buffer, "APIC: %02x", - dev->path.apic.apic_id); + snprintf(buffer, sizeof (buffer), "APIC: %02x", + dev->path.apic.apic_id); break; case DEVICE_PATH_IOAPIC: - sprintf(buffer, "IOAPIC: %02x", - dev->path.ioapic.ioapic_id); + snprintf(buffer, sizeof (buffer), "IOAPIC: %02x", + dev->path.ioapic.ioapic_id); break; case DEVICE_PATH_DOMAIN: - sprintf(buffer, "DOMAIN: %04x", + snprintf(buffer, sizeof (buffer), "DOMAIN: %04x", dev->path.domain.domain); break; case DEVICE_PATH_CPU_CLUSTER: - sprintf(buffer, "CPU_CLUSTER: %01x", + snprintf(buffer, sizeof (buffer), "CPU_CLUSTER: %01x", dev->path.cpu_cluster.cluster); break; case DEVICE_PATH_CPU: - sprintf(buffer, "CPU: %02x", dev->path.cpu.id); + snprintf(buffer, sizeof (buffer), + "CPU: %02x", dev->path.cpu.id); break; case DEVICE_PATH_CPU_BUS: - sprintf(buffer, "CPU_BUS: %02x", dev->path.cpu_bus.id); + snprintf(buffer, sizeof (buffer), + "CPU_BUS: %02x", dev->path.cpu_bus.id); break; default: printk(BIOS_ERR, "Unknown device path type: %d\n", @@ -296,7 +300,8 @@ const char *dev_name(device_t dev) const char *bus_path(struct bus *bus) { static char buffer[BUS_PATH_MAX]; - sprintf(buffer, "%s,%d", dev_path(bus->dev), bus->link_num); + snprintf(buffer, sizeof (buffer), + "%s,%d", dev_path(bus->dev), bus->link_num); return buffer; } @@ -584,15 +589,15 @@ resource_t resource_max(struct resource *resource) const char *resource_type(struct resource *resource) { static char buffer[RESOURCE_TYPE_MAX]; - sprintf(buffer, "%s%s%s%s", - ((resource->flags & IORESOURCE_READONLY) ? "ro" : ""), - ((resource->flags & IORESOURCE_PREFETCH) ? "pref" : ""), - ((resource->flags == 0) ? "unused" : - (resource->flags & IORESOURCE_IO) ? "io" : - (resource->flags & IORESOURCE_DRQ) ? "drq" : - (resource->flags & IORESOURCE_IRQ) ? "irq" : - (resource->flags & IORESOURCE_MEM) ? "mem" : "??????"), - ((resource->flags & IORESOURCE_PCI64) ? "64" : "")); + snprintf(buffer, sizeof (buffer), "%s%s%s%s", + ((resource->flags & IORESOURCE_READONLY) ? "ro" : ""), + ((resource->flags & IORESOURCE_PREFETCH) ? "pref" : ""), + ((resource->flags == 0) ? "unused" : + (resource->flags & IORESOURCE_IO) ? "io" : + (resource->flags & IORESOURCE_DRQ) ? "drq" : + (resource->flags & IORESOURCE_IRQ) ? "irq" : + (resource->flags & IORESOURCE_MEM) ? "mem" : "??????"), + ((resource->flags & IORESOURCE_PCI64) ? "64" : "")); return buffer; } @@ -618,10 +623,12 @@ void report_resource_stored(device_t dev, struct resource *resource, if (resource->flags & IORESOURCE_PCI_BRIDGE) { #if CONFIG_PCI_BUS_SEGN_BITS - sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8, + snprintf(buf, sizeof (buf), + "bus %04x:%02x ", dev->bus->secondary >> 8, dev->link_list->secondary & 0xff); #else - sprintf(buf, "bus %02x ", dev->link_list->secondary); + snprintf(buf, sizeof (buf), + "bus %02x ", dev->link_list->secondary); #endif } printk(BIOS_DEBUG, "%s %02lx <- [0x%010llx - 0x%010llx] size 0x%08llx " @@ -830,10 +837,12 @@ void show_one_resource(int debug_level, struct device *dev, /* if (resource->flags & IORESOURCE_BRIDGE) { #if CONFIG_PCI_BUS_SEGN_BITS - sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8, - dev->link[0].secondary & 0xff); + snprintf(buf, sizeof (buf), "bus %04x:%02x ", + dev->bus->secondary >> 8, + dev->link[0].secondary & 0xff); #else - sprintf(buf, "bus %02x ", dev->link[0].secondary); + snprintf(buf, sizeof (buf), + "bus %02x ", dev->link[0].secondary); #endif } */ diff --git a/src/device/oprom/x86emu/debug.c b/src/device/oprom/x86emu/debug.c index b3f4b6ebfb..e7a111b4f2 100644 --- a/src/device/oprom/x86emu/debug.c +++ b/src/device/oprom/x86emu/debug.c @@ -163,15 +163,15 @@ void x86emu_inc_decoded_inst_len (int x) void x86emu_decode_printf (const char *x) { - sprintf(M.x86.decoded_buf+M.x86.enc_str_pos,"%s",x); + strcpy(M.x86.decoded_buf+M.x86.enc_str_pos,x); M.x86.enc_str_pos += strlen(x); } void x86emu_decode_printf2 (const char *x, int y) { char temp[100]; - sprintf(temp,x,y); - sprintf(M.x86.decoded_buf+M.x86.enc_str_pos,"%s",temp); + snprintf(temp, sizeof (temp), x,y); + strcpy(M.x86.decoded_buf+M.x86.enc_str_pos,temp); M.x86.enc_str_pos += strlen(temp); } @@ -186,7 +186,7 @@ static void print_encoded_bytes (u16 s, u16 o) int i; char buf1[64]; for (i=0; i< M.x86.enc_pos; i++) { - sprintf(buf1+2*i,"%02x", fetch_data_byte_abs(s,o+i)); + snprintf(buf1+2*i, 64 - 2 * i, "%02x", fetch_data_byte_abs(s,o+i)); } printf("%-20s ",buf1); } |