kconfig: use snprintf for formatting pathnames
authorJacob Garber <jgarber1@ualberta.ca>
Fri, 10 May 2019 19:28:52 +0000 (13:28 -0600)
committerMasahiro Yamada <yamada.masahiro@socionext.com>
Tue, 14 May 2019 14:23:25 +0000 (23:23 +0900)
Valid pathnames will never exceed PATH_MAX, but these file names
are unsanitized and can cause buffer overflow if set incorrectly.
Use snprintf to avoid this. This was flagged during a Coverity scan
of the coreboot project, which also uses kconfig for its build system.

Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
scripts/kconfig/confdata.c
scripts/kconfig/lexer.l

index b7bdd9690319c9a9fe40de3903dcc60cc645a115..8bb74d468f45c50e87eb066df359d6bdc322cda0 100644 (file)
@@ -241,7 +241,7 @@ char *conf_get_default_confname(void)
        name = expand_string(conf_defname);
        env = getenv(SRCTREE);
        if (env) {
-               sprintf(fullname, "%s/%s", env, name);
+               snprintf(fullname, sizeof(fullname), "%s/%s", env, name);
                if (is_present(fullname))
                        return fullname;
        }
index c9df1c8b982494cecdf8751ccf0275e14c07d35e..6354c905b006f66e673d9b098c2ae50ef29271c4 100644 (file)
@@ -378,7 +378,8 @@ FILE *zconf_fopen(const char *name)
        if (!f && name != NULL && name[0] != '/') {
                env = getenv(SRCTREE);
                if (env) {
-                       sprintf(fullname, "%s/%s", env, name);
+                       snprintf(fullname, sizeof(fullname),
+                                "%s/%s", env, name);
                        f = fopen(fullname, "r");
                }
        }