We have a _LAST_ERRNO of 3 decimal digits. strerror(_LAST_ERRNO) is ok,
but it's still possible that some code passes a non-error code int,
which will overflow the static buffer. Play it safe and bump up the
buffer size to at least 11 characters. This is enough to represent
all integers, with only 7 characters more static storage.

This way strerror(some_int_passed_by_mistake) will not invoke UB.

Signed-off-by: Ahmad Fatoum <redacted>
---
Detected by ASAN on sandbox a while ago. The place which passed the
non-errno int needs probably fixing as well, but I need to find it again
first..
---
 common/misc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/common/misc.c b/common/misc.c
index 1c7f93760804..1a1cc071b4d1 100644
--- a/common/misc.c
+++ b/common/misc.c

@@ -22,6 +22,7 @@
 #include <led.h>
 #include <of.h>
 #include <restart.h>
+#include <linux/stringify.h>
 
 int errno;
 EXPORT_SYMBOL(errno);

@@ -29,7 +30,7 @@ EXPORT_SYMBOL(errno);
 
 const char *strerror(int errnum)
 {
-	static char errno_string[10];
+	static char errno_string[sizeof("error -2147483648")];
 
 #ifdef CONFIG_ERRNO_MESSAGES
 	char *str;

-- 
2.28.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox