From: Masahiro Yamada <yamada.masahiro@socionext.com>
Date: Sun, 28 Jan 2018 09:41:23 +0000 (+0900)
Subject: kconfig: revert change that was not needed for -Wformat-security
X-Git-Tag: v2025.01-rc5-pxa1908~4964
X-Git-Url: http://git.dujemihanovic.xyz/img/static/git-logo.png?a=commitdiff_plain;h=1414e09b4f25f2ad5886f124024e10878feb75f0;p=u-boot.git

kconfig: revert change that was not needed for -Wformat-security

Recent GCC versions warn if the format string is not a literal
because the compiler cannot check the argument validity at compile
time.

Commit 192bc6948b02 ("Fix GCC format-security errors and convert
sprintfs.") blindly replaced sprintf() with strcpy(), including
many cases where the format parameter is a string literal.

For the kconfig change:

    sprintf(header, "   ");

..., here the format parameter is a string literal "   ", so it is
definitely equivalent to:

    strcpy(header, "   ");

Of course, if the 'header' did not have enough length for containing
"   ", it would be a security problem, but another problem.  (in this
case, the 'header' is 4 byte length buffer, so it is not a problem at
all.)

The kconfig code is kept as synced with Linux as possible, but this
change made the code out-of-sync for nothing.  Just reverting.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
---

diff --git a/scripts/kconfig/mconf.c b/scripts/kconfig/mconf.c
index 953d5c75e5..315ce2c7cb 100644
--- a/scripts/kconfig/mconf.c
+++ b/scripts/kconfig/mconf.c
@@ -379,7 +379,7 @@ static void update_text(char *buf, size_t start, size_t end, void *_data)
 				data->targets[k] = pos->target;
 				k++;
 			} else {
-				strcpy(header, "   ");
+				sprintf(header, "   ");
 			}
 
 			memcpy(buf + pos->offset, header, sizeof(header) - 1);