Skip to content

Commit

Permalink
kconfig: use snprintf for formatting pathnames
Browse files Browse the repository at this point in the history
Valid pathnames will never exceed PATH_MAX, but these file names
are unsanitized and can cause buffer overflow if set incorrectly.
Use snprintf to avoid this. This was flagged during a Coverity scan
of the coreboot project, which also uses kconfig for its build system.

Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
  • Loading branch information
Jacob Garber authored and Masahiro Yamada committed May 14, 2019
1 parent 4cb7261 commit b9d1a8e
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion scripts/kconfig/confdata.c
Original file line number Diff line number Diff line change
Expand Up @@ -241,7 +241,7 @@ char *conf_get_default_confname(void)
name = expand_string(conf_defname);
env = getenv(SRCTREE);
if (env) {
sprintf(fullname, "%s/%s", env, name);
snprintf(fullname, sizeof(fullname), "%s/%s", env, name);
if (is_present(fullname))
return fullname;
}
Expand Down
3 changes: 2 additions & 1 deletion scripts/kconfig/lexer.l
Original file line number Diff line number Diff line change
Expand Up @@ -378,7 +378,8 @@ FILE *zconf_fopen(const char *name)
if (!f && name != NULL && name[0] != '/') {
env = getenv(SRCTREE);
if (env) {
sprintf(fullname, "%s/%s", env, name);
snprintf(fullname, sizeof(fullname),
"%s/%s", env, name);
f = fopen(fullname, "r");
}
}
Expand Down

0 comments on commit b9d1a8e

Please sign in to comment.