Re: [PATCH v2 1/3] staging/fbtft: Remove all strcpy() uses

24 Jul 2021


      On Sat, Jul 24, 2021 at 7:05 PM Len Baker len.baker@gmx.com wrote:
...
strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors. The safe replacement is strscpy() but in
this case it is simpler to use the "%*ph" format specifier.
...
...

  char msg[128];


128 / 4 = 32. So, this buffer is enough to debug print only up to 32
bytes. Hence %*ph replacement won't cut output earlier than requested.
...
...

                  for (j = i + 1; par->init_sequence[j] >= 0; j++);


Why is i + 1 initial for the j? You may rather access the 'i + 1 +
j'th element in the array...
...
...

                                par->init_sequence[i], j - i - 1,


...and get rid of the ' - i -1' part here.
-- 
With Best Regards,
Andy Shevchenko

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Re: [PATCH v2 1/3] staging/fbtft: Remove all strcpy() uses