From: Heinrich Schuchardt Date: Tue, 22 Aug 2023 10:21:13 +0000 (+0200) Subject: cmd: setexpr: fix printf_str() X-Git-Tag: v2025.01-rc5-pxa1908~874^2~15 X-Git-Url: http://git.dujemihanovic.xyz/%7B%7B%20.Permalink%20%7D%7D?a=commitdiff_plain;h=175e4b01beed25dedbd17a082786ec2e6739f1b3;p=u-boot.git cmd: setexpr: fix printf_str() If vsnprintf() returns a negative number, (i >= remaining) will possibly be true: 'i' is of type signed int and 'remaining' is of the unsigned type size_t. The C language will convert i to an unsigned type before the comparison. This can result in the wrong error type being indicated. Checking for negative i should be done first. Fixes: f4f8d8bb1abc ("cmd: setexpr: add format string handling") Signed-off-by: Heinrich Schuchardt Reviewed-by: Simon Glass --- diff --git a/cmd/printf.c b/cmd/printf.c index e024676743..0c6887e0d6 100644 --- a/cmd/printf.c +++ b/cmd/printf.c @@ -144,10 +144,10 @@ static void printf_str(struct print_inf *inf, char *format, ...) i = vsnprintf(inf->str + inf->offset, remaining, format, args); va_end(args); - if (i >= remaining) - inf->error |= PRINT_TRUNCATED_ERROR; - else if (i < 0) + if (i < 0) inf->error |= PRINT_CONVERSION_ERROR; + else if ((unsigned int)i >= remaining) + inf->error |= PRINT_TRUNCATED_ERROR; else inf->offset += i; }