On Thu, 4 May 2017 22:26:42 +0200 Heinrich Schuchardt <[email protected]> wrote:
> The evaluation of option -c is incorrect: > > According to the C99 standard endptr in the first strtol is always > set as &endptr is not NULL. > So the first part of the or condition is always true. > If all digits in optarg are valid endptr will point to the closing \0 > and the second strtol will read beyond the end of the string optarg > points to. > > Signed-off-by: Heinrich Schuchardt <[email protected]> Acked-by: Boris Brezillon <[email protected]> > --- > v2: > Simplify the logical expression. > v1: > In the original patch I missed that envptr is always set in strtol > and used an unnecessary check if endptr is non-NULL. > [PATCH 1/1] tools: sunxi: avoid possible null pointer dereference > https://patchwork.ozlabs.org/patch/758224/ > --- > tools/sunxi-spl-image-builder.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/tools/sunxi-spl-image-builder.c b/tools/sunxi-spl-image-builder.c > index d538a38813..a367f11774 100644 > --- a/tools/sunxi-spl-image-builder.c > +++ b/tools/sunxi-spl-image-builder.c > @@ -433,7 +433,7 @@ int main(int argc, char **argv) > break; > case 'c': > info.ecc_strength = strtol(optarg, &endptr, 0); > - if (endptr || *endptr == '/') > + if (*endptr == '/') > info.ecc_step_size = strtol(endptr + 1, NULL, > 0); > break; > case 'p': _______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
