We have a _LAST_ERRNO of 3 decimal digits. strerror(_LAST_ERRNO) is ok, but it's still possible that some code passes a non-error code int, which will overflow the static buffer. Play it safe and bump up the buffer size to at least 11 characters. This is enough to represent all integers, with only 7 characters more static storage.
This way strerror(some_int_passed_by_mistake) will not invoke UB. Signed-off-by: Ahmad Fatoum <[email protected]> --- Detected by ASAN on sandbox a while ago. The place which passed the non-errno int needs probably fixing as well, but I need to find it again first.. --- common/misc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/common/misc.c b/common/misc.c index 1c7f93760804..1a1cc071b4d1 100644 --- a/common/misc.c +++ b/common/misc.c @@ -22,6 +22,7 @@ #include <led.h> #include <of.h> #include <restart.h> +#include <linux/stringify.h> int errno; EXPORT_SYMBOL(errno); @@ -29,7 +30,7 @@ EXPORT_SYMBOL(errno); const char *strerror(int errnum) { - static char errno_string[10]; + static char errno_string[sizeof("error -2147483648")]; #ifdef CONFIG_ERRNO_MESSAGES char *str; -- 2.28.0 _______________________________________________ barebox mailing list [email protected] http://lists.infradead.org/mailman/listinfo/barebox
