Djam/u-boot
1
0
Fork 0
mirror of https://github.com/u-boot/u-boot.git synced 2025-04-21 20:34:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

cmd: setexpr: fix printf_str()

Browse source 
If vsnprintf() returns a negative number, (i >= remaining) will
possibly be true:

'i' is of type signed int and 'remaining' is of the unsigned type size_t.
The C language will convert i to an unsigned type before the comparison.

This can result in the wrong error type being indicated.

Checking for negative i should be done first.

Fixes: f4f8d8bb1a ("cmd: setexpr: add format string handling")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Heinrich Schuchardt 2023-08-22 12:21:13 +02:00
parent 976fb2ffa3
commit 175e4b01be
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cmd/printf.c
View file

@ -144,10 +144,10 @@ static void printf_str(struct print_inf *inf, char *format, ...)
i = vsnprintf(inf->str + inf->offset, remaining, format, args); i = vsnprintf(inf->str + inf->offset, remaining, format, args);
va_end(args); va_end(args);
if (i >= remaining) if (i < 0)
inf->error |= PRINT_TRUNCATED_ERROR;
else if (i < 0)
inf->error |= PRINT_CONVERSION_ERROR; inf->error |= PRINT_CONVERSION_ERROR;
else if ((unsigned int)i >= remaining)
inf->error |= PRINT_TRUNCATED_ERROR;
else else
inf->offset += i; inf->offset += i;
} }