[PATCH] cpukit/libpci: fix potential buffer overflow in pci_cfg_print_code.c
Vijay Kumar Banerjee
vijay at rtems.org
Wed May 26 22:46:57 UTC 2021
Hi,
On Wed, May 26, 2021 at 2:45 PM Joel Sherrill <joel at rtems.org> wrote:
>
>
>
> On Wed, May 26, 2021 at 1:58 PM Harrison Edward Gerber <gerberhe11 at gmail.com> wrote:
>>
>> See also CID 1399721
>> Closes #4442
>
>
> Blank line between these.
>
> But otherwise I think this looks good.
>
I pushed it with the added blank line in the commit message.
Thanks.
> Gedare... this looks like a good paper on this family of methods for
> advice on safe programming:
>
> https://www.sudo.ws/todd/papers/strlcpy.html
>
> Should we put a discussion of this type of issue in the Coding Style
> and reference it?
>
>>
>> ---
>> cpukit/libpci/pci_cfg_print_code.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/cpukit/libpci/pci_cfg_print_code.c b/cpukit/libpci/pci_cfg_print_code.c
>> index e758fa661a..e0979db74a 100644
>> --- a/cpukit/libpci/pci_cfg_print_code.c
>> +++ b/cpukit/libpci/pci_cfg_print_code.c
>> @@ -65,8 +65,8 @@ static void pci_cfg_print_device(struct pci_dev *dev, char *prefix)
>> char name[32];
>> char buf[8];
>> printf("%s.resources = {\n", prefix);
>> - strcpy(buf, prefix);
>> - strcat(buf, "\t");
>> + strlcpy(buf, prefix, sizeof(buf));
>> + strlcat(buf, "\t", sizeof(buf));
>> pci_cfg_print_resources(dev->resources, buf);
>> printf("%s},\n", prefix);
>> if (dev->next == NULL) {
>> --
>> 2.25.1
>>
>> _______________________________________________
>> devel mailing list
>> devel at rtems.org
>> http://lists.rtems.org/mailman/listinfo/devel
>
> _______________________________________________
> devel mailing list
> devel at rtems.org
> http://lists.rtems.org/mailman/listinfo/devel
More information about the devel
mailing list