From: Heinrich Schuchardt <xypron.glpk@gmx.de>
Date: Thu, 15 Aug 2019 21:54:15 +0000 (+0200)
Subject: easylogo: avoid buffer overrun
X-Git-Tag: v2019.10-rc3~6^2~9
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2bdb42f7c076638eb3dfbdfefc142f37f5e6209d;p=platform%2Fkernel%2Fu-boot.git

easylogo: avoid buffer overrun

Building easylogo with `HOST_TOOLS_ALL=y make tools` results in a build
warning due to a possible buffer overrun:

tools/easylogo/easylogo.c:453:4: note: ‘sprintf’ output between 7 and
262 bytes into a destination of size 256
    sprintf (str, "%s, 0x%02x", app, *dataptr++);
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Truncate the output to fit into the destination buffer.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---

diff --git a/tools/easylogo/easylogo.c b/tools/easylogo/easylogo.c
index 4ba86bf..ed4bf20 100644
--- a/tools/easylogo/easylogo.c
+++ b/tools/easylogo/easylogo.c
@@ -450,7 +450,8 @@ int image_save_header (image_t * image, char *filename, char *varname)
 
 		default:
 			strcpy (app, str);
-			sprintf (str, "%s, 0x%02x", app, *dataptr++);
+			sprintf(str, "%.*s, 0x%02x", (int)sizeof(str) - 7, app,
+				*dataptr++);
 			col++;
 			count--;
 			break;