Dear Wolfgang,

On 11/13/20 5:01 AM, Wolfgang Denk wrote:
> Dear Jaehoon Chung,
>
> In message <21adc771-9660-da52-65c8-c2029de9a...@samsung.com> you wrote:
>> On 11/10/20 11:28 PM, Hoyeonjiki Kim wrote:
>>> The function mmc_offset_try_partition searches MMC partition to save the
>>> environment data by name. However, it only compares the first word-size
>>> bytes (size of 'const char *'), which may make the function to find
>>> unintended partition.
>>>
>>> Correct the function not to partially compare the partition name with
>>> config "u-boot,,mmc-env-partition".
>>>
>>> Signed-off-by: Hoyeonjiki Kim <jigi....@gmail.com>
>>> ---
>>> env/mmc.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/env/mmc.c b/env/mmc.c
>>> index 4e67180b23..505f7aa2b8 100644
>>> --- a/env/mmc.c
>>> +++ b/env/mmc.c
>>> @@ -42,7 +42,7 @@ static inline int mmc_offset_try_partition(const char
>>> *str, int copy, s64 *val)
>>> if (ret < 0)
>>> return ret;
>>>
>>> - if (!strncmp((const char *)info.name, str, sizeof(str)))
>>> + if (!strcmp((const char *)info.name, str))
>>
>> Using "strlen(str)" is better than changing to strcmp.
>>
>> strncmp(..., ..., strlen(str))
>
> Is either of this a good idea? I mean, if you pass in random data,
> this will run forever and eventually create undefined behaviour. We
> know the maximum size, so why not limit it to that, as strncmp() did?

Actually, I don't want to use strcmp. If I remember correctly, strcmp has already been reported as having a security hole.
I had commented one example of using it to check the length. But I agree it's not a good idea.

Thanks for pointing out!

Best Regards,
Jaehoon Chung

>
> Best regards,
>
> Wolfgang Denk
>
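
Review bot: the strcmp() on the `+` line has no length bound, so the comparison relies on info.name being NUL-terminated; if the name field can be completely filled by on-disk data, the read continues past the end of the buffer. Bounding the compare by the name field instead of by the pointer, for example `strncmp((const char *)info.name, str, sizeof(info.name))` (assuming info.name is a fixed-size array, as the cast suggests), keeps the whole-name match this change is after while capping the read. A bound of strlen(str), as proposed in the reply, would only check a prefix, so a partition whose name merely starts with str would still match.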