Carl-Daniel Hailfinger wrote:
> @@ -194,9 +195,15 @@
> s = va_arg(args, char *);
> if (!s)
> s = "<NULL>";
> + /* Catch almost-NULL pointers as well */
> + if ((size_t)s < 0x400)
> + s = "<almost NULL>";
>
> len = strnlen(s, precision);
>
> + for (i = 0; i < len; ++i)
> + if (!isprint(*s[i]))
> + s = "<GARBAGE>";
No offense, but isn't there a break missing in the loop when we assign s
to be "<GARBAGE>"? Otherwise we may access invalid data if len is
greater than strlen("<GARBAGE>") because we have changed the base we're
looking at.
> if (!(flags & LEFT))
> while (len < field_width--)
> tx_byte(' ', arg), count++;
Mathias
--
coreboot mailing list: [email protected]
http://www.coreboot.org/mailman/listinfo/coreboot
