From: Heinrich Schuchardt Date: Thu, 22 Aug 2019 19:58:26 +0000 (+0200) Subject: siemens: avoid out of bound access X-Git-Tag: v2025.01-rc5-pxa1908~2805^2~2 X-Git-Url: http://git.dujemihanovic.xyz/%22http:/www.sics.se/static/git-logo.png?a=commitdiff_plain;h=3c7166dbb464a65d9822cfee7c233a7d8c1a9672;p=u-boot.git siemens: avoid out of bound access char num[1]; sprintf(num, "%d", i); leads to a buffer overrun. Simplify the overly complex coding. Signed-off-by: Heinrich Schuchardt Reviewed-by: Bin Meng Acked-by: Heiko Schocher --- diff --git a/board/siemens/common/board.c b/board/siemens/common/board.c index 676935a843..75462d1c34 100644 --- a/board/siemens/common/board.c +++ b/board/siemens/common/board.c @@ -189,14 +189,11 @@ void set_env_gpios(unsigned char state) { char *ptr_env; char str_tmp[5]; /* must contain "ledX"*/ - char num[1]; unsigned char i, idx, pos1, pos2, ccount; unsigned char gpio_n, gpio_s0, gpio_s1; for (i = 0; i < MAX_NR_LEDS; i++) { - strcpy(str_tmp, "led"); - sprintf(num, "%d", i); - strcat(str_tmp, num); + sprintf(str_tmp, "led%d", i); /* If env var is not found we stop */ ptr_env = env_get(str_tmp);