Mirrors/u-boot
1
0
Fork 0
mirror of https://source.denx.de/u-boot/u-boot.git synced 2026-06-02 09:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

board: samsung: fix set_board_info() board_name buffer overflow

Browse Source 
Replace unbounded sprintf() with snprintf() using sizeof(info) as
the bound when constructing the board_name string from bdname and
bdtype. The previous call had no size limit and could overflow the
64-byte stack buffer if the concatenated string exceeded 63 bytes.

Fixes: c9c36bf56e ("samsung: misc: use board specific functions to set env board info")
Signed-off-by: Ngo Luong Thanh Tra <S4210155@student.rmit.edu.au>
To: u-boot@lists.denx.de
This commit is contained in:
Ngo Luong Thanh Tra
2026-03-28 13:01:31 +07:00
committed by Tom Rini
parent f7bef8f81f
commit e228b6a504
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
board/samsung/common/misc.c
View File

@@ -101,7 +101,7 @@ void set_board_info(void)
if (!bdtype)
bdtype = "";
sprintf(info, "%s%s", bdname, bdtype);
snprintf(info, sizeof(info), "%s%s", bdname, bdtype);
env_set("board_name", info);
#endif
snprintf(info, ARRAY_SIZE(info), "%s%x-%s%s.dtb",