summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJacob Garber <jgarber1@ualberta.ca>2019-05-10 13:28:52 -0600
committerMasahiro Yamada <yamada.masahiro@socionext.com>2019-05-14 23:23:25 +0900
commitb9d1a8e9302e68ee03571a286aadeb8041e0b2ca (patch)
tree372b2d2bee6137d794110d7ff7e106b086dfbe99
parent4cb726121e2cce18d4db5e79347f3ade5fd661a2 (diff)
downloadlinux-b9d1a8e9302e68ee03571a286aadeb8041e0b2ca.tar.bz2
kconfig: use snprintf for formatting pathnames
Valid pathnames will never exceed PATH_MAX, but these file names are unsanitized and can cause buffer overflow if set incorrectly. Use snprintf to avoid this. This was flagged during a Coverity scan of the coreboot project, which also uses kconfig for its build system. Signed-off-by: Jacob Garber <jgarber1@ualberta.ca> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-rw-r--r--scripts/kconfig/confdata.c2
-rw-r--r--scripts/kconfig/lexer.l3
2 files changed, 3 insertions, 2 deletions
diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
index b7bdd9690319..8bb74d468f45 100644
--- a/scripts/kconfig/confdata.c
+++ b/scripts/kconfig/confdata.c
@@ -241,7 +241,7 @@ char *conf_get_default_confname(void)
name = expand_string(conf_defname);
env = getenv(SRCTREE);
if (env) {
- sprintf(fullname, "%s/%s", env, name);
+ snprintf(fullname, sizeof(fullname), "%s/%s", env, name);
if (is_present(fullname))
return fullname;
}
diff --git a/scripts/kconfig/lexer.l b/scripts/kconfig/lexer.l
index c9df1c8b9824..6354c905b006 100644
--- a/scripts/kconfig/lexer.l
+++ b/scripts/kconfig/lexer.l
@@ -378,7 +378,8 @@ FILE *zconf_fopen(const char *name)
if (!f && name != NULL && name[0] != '/') {
env = getenv(SRCTREE);
if (env) {
- sprintf(fullname, "%s/%s", env, name);
+ snprintf(fullname, sizeof(fullname),
+ "%s/%s", env, name);
f = fopen(fullname, "r");
}
}