From 175e4b01beed25dedbd17a082786ec2e6739f1b3 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Tue, 22 Aug 2023 12:21:13 +0200 Subject: [PATCH] cmd: setexpr: fix printf_str() If vsnprintf() returns a negative number, (i >= remaining) will possibly be true: 'i' is of type signed int and 'remaining' is of the unsigned type size_t. The C language will convert i to an unsigned type before the comparison. This can result in the wrong error type being indicated. Checking for negative i should be done first. Fixes: f4f8d8bb1abc ("cmd: setexpr: add format string handling") Signed-off-by: Heinrich Schuchardt Reviewed-by: Simon Glass --- cmd/printf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/printf.c b/cmd/printf.c index e024676743..0c6887e0d6 100644 --- a/cmd/printf.c +++ b/cmd/printf.c @@ -144,10 +144,10 @@ static void printf_str(struct print_inf *inf, char *format, ...) i = vsnprintf(inf->str + inf->offset, remaining, format, args); va_end(args); - if (i >= remaining) - inf->error |= PRINT_TRUNCATED_ERROR; - else if (i < 0) + if (i < 0) inf->error |= PRINT_CONVERSION_ERROR; + else if ((unsigned int)i >= remaining) + inf->error |= PRINT_TRUNCATED_ERROR; else inf->offset += i; } -- 2.39.5