On 3/1/23 16:02, Simon Glass wrote:
On Mon, 27 Feb 2023 at 12:55, Marek Vasut
<[email protected]> wrote:
The command assumed 32bit pointers so far, with 64bit pointer the
command would overwrite a piece of stack. Fix it by extending the
array size to cater for 64bit pointer, and use snprintf() to avoid
writing past the end of the array ever again.
Signed-off-by: Marek Vasut <[email protected]>
---
Cc: Heinrich Schuchardt <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Tom Rini <[email protected]>
---
cmd/fdt.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Reviewed-by: Simon Glass <[email protected]>
diff --git a/cmd/fdt.c b/cmd/fdt.c
index 279dad9fe11..bc19303159d 100644
--- a/cmd/fdt.c
+++ b/cmd/fdt.c
@@ -466,9 +466,9 @@ static int do_fdt(struct cmd_tbl *cmdtp, int flag, int
argc, char *const argv[])
return ret;
} else if (subcmd[0] == 'a') {
/* Get address */
- char buf[11];
+ char buf[19];
- sprintf(buf, "0x%p", nodep);
+ snprintf(buf, sizeof(buf), "0x%p",
nodep);
Do we need the 0x? I believe that is always the base.
I would argue this behavior is an ABI by now.
I did send a separate patch on top, which can then be reverted if that
would break anything:
https://patchwork.ozlabs.org/project/uboot/patch/[email protected]/
