From d7255e8ddbfe76d7b0d18247d35742596c85ad93 Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Wed, 28 Sep 2016 11:29:28 +0200 Subject: [PATCH] ARM: vf610: use strcpy for soc environment variable To create the soc environment variable we concatenate two strings on the stack. So far, strcat has been used for the first string as well as for the second string. Since the variable on the stack is not initialized, the first strcat may not start using the first entry in the character array. This then could lead to an buffer overflow on the stack. Signed-off-by: Stefan Agner Acked-by: Marcel Ziswiler --- arch/arm/cpu/armv7/vf610/generic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/cpu/armv7/vf610/generic.c b/arch/arm/cpu/armv7/vf610/generic.c index 08b9ef4..50eb0c6 100644 --- a/arch/arm/cpu/armv7/vf610/generic.c +++ b/arch/arm/cpu/armv7/vf610/generic.c @@ -322,7 +322,7 @@ int arch_misc_init(void) { char soc[6]; - strcat(soc, "vf"); + strcpy(soc, "vf"); strcat(soc, soc_type); setenv("soc", soc); -- 2.7.4