Thread (10 messages) 10 messages, 3 authors, 2021-07-31

Re: [PATCH v2 1/3] staging/fbtft: Remove all strcpy() uses

From: Andy Shevchenko <hidden>
Date: 2021-07-24 20:21:44
Also in: dri-devel, linux-staging, lkml

On Sat, Jul 24, 2021 at 7:05 PM Len Baker [off-list ref] wrote:
strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors. The safe replacement is strscpy() but in
this case it is simpler to use the "%*ph" format specifier.
...
-       char msg[128];
128 / 4 = 32. So, this buffer is enough to debug print only up to 32
bytes. Hence %*ph replacement won't cut output earlier than requested.

...
+                       for (j = i + 1; par->init_sequence[j] >= 0; j++);
Why is i + 1 initial for the j? You may rather access the 'i + 1 +
j'th element in the array...

...
+                                     par->init_sequence[i], j - i - 1,
...and get rid of the ' - i -1' part here.


-- 
With Best Regards,
Andy Shevchenko
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help