| Message ID | 1517132483-22879-1-git-send-email-yamada.masahiro@socionext.com |
|---|---|
| State | Accepted |
| Commit | 1414e09b4f25f2ad5886f124024e10878feb75f0 |
| Headers | show |
| Series | kconfig: revert change that was not needed for -Wformat-security | expand |
On Sun, Jan 28, 2018 at 06:41:23PM +0900, Masahiro Yamada wrote: > Recent GCC versions warn if the format string is not a literal > because the compiler cannot check the argument validity at compile > time. > > Commit 192bc6948b02 ("Fix GCC format-security errors and convert > sprintfs.") blindly replaced sprintf() with strcpy(), including > many cases where the format parameter is a string literal. > > For the kconfig change: > > sprintf(header, " "); > > ..., here the format parameter is a string literal " ", so it is > definitely equivalent to: > > strcpy(header, " "); > > Of course, if the 'header' did not have enough length for containing > " ", it would be a security problem, but another problem. (in this > case, the 'header' is 4 byte length buffer, so it is not a problem at > all.) > > The kconfig code is kept as synced with Linux as possible, but this > change made the code out-of-sync for nothing. Just reverting. > > Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Applied to u-boot/master, thanks! -- Tom
diff --git a/scripts/kconfig/mconf.c b/scripts/kconfig/mconf.c index 953d5c7..315ce2c 100644 --- a/scripts/kconfig/mconf.c +++ b/scripts/kconfig/mconf.c @@ -379,7 +379,7 @@ static void update_text(char *buf, size_t start, size_t end, void *_data) data->targets[k] = pos->target; k++; } else { - strcpy(header, " "); + sprintf(header, " "); } memcpy(buf + pos->offset, header, sizeof(header) - 1);
Recent GCC versions warn if the format string is not a literal because the compiler cannot check the argument validity at compile time. Commit 192bc6948b02 ("Fix GCC format-security errors and convert sprintfs.") blindly replaced sprintf() with strcpy(), including many cases where the format parameter is a string literal. For the kconfig change: sprintf(header, " "); ..., here the format parameter is a string literal " ", so it is definitely equivalent to: strcpy(header, " "); Of course, if the 'header' did not have enough length for containing " ", it would be a security problem, but another problem. (in this case, the 'header' is 4 byte length buffer, so it is not a problem at all.) The kconfig code is kept as synced with Linux as possible, but this change made the code out-of-sync for nothing. Just reverting. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> --- scripts/kconfig/mconf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)