Replace all occurences of sprintf with snprintf

THis reduces risks of bufer overflows.

Change-Id: I77f80e76efec16ac0a0af83d76430a8126a7602d
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Reviewed-on: http://review.coreboot.org/4279
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
This commit is contained in:
Vladimir Serbinenko 2013-11-26 02:41:26 +01:00
parent 4b5012a4a2
commit a37383db80
18 changed files with 70 additions and 60 deletions

View File

@ -274,7 +274,8 @@ int acpigen_write_processor(u8 cpuindex, u32 pblock_addr, u8 pblock_len)
acpigen_emit_byte(0x83); acpigen_emit_byte(0x83);
len = acpigen_write_len_f(); len = acpigen_write_len_f();
sprintf(pscope, "\\_PR.CPU%x", (unsigned int) cpuindex); snprintf(pscope, sizeof (pscope),
"\\_PR.CPU%x", (unsigned int) cpuindex);
len += acpigen_emit_namestring(pscope); len += acpigen_emit_namestring(pscope);
acpigen_emit_byte(cpuindex); acpigen_emit_byte(cpuindex);
acpigen_emit_byte(pblock_addr & 0xff); acpigen_emit_byte(pblock_addr & 0xff);

View File

@ -231,48 +231,52 @@ const char *dev_path(device_t dev)
break; break;
case DEVICE_PATH_PCI: case DEVICE_PATH_PCI:
#if CONFIG_PCI_BUS_SEGN_BITS #if CONFIG_PCI_BUS_SEGN_BITS
sprintf(buffer, "PCI: %04x:%02x:%02x.%01x", snprintf(buffer, sizeof (buffer),
"PCI: %04x:%02x:%02x.%01x",
dev->bus->secondary >> 8, dev->bus->secondary >> 8,
dev->bus->secondary & 0xff, dev->bus->secondary & 0xff,
PCI_SLOT(dev->path.pci.devfn), PCI_SLOT(dev->path.pci.devfn),
PCI_FUNC(dev->path.pci.devfn)); PCI_FUNC(dev->path.pci.devfn));
#else #else
sprintf(buffer, "PCI: %02x:%02x.%01x", snprintf(buffer, sizeof (buffer),
"PCI: %02x:%02x.%01x",
dev->bus->secondary, dev->bus->secondary,
PCI_SLOT(dev->path.pci.devfn), PCI_SLOT(dev->path.pci.devfn),
PCI_FUNC(dev->path.pci.devfn)); PCI_FUNC(dev->path.pci.devfn));
#endif #endif
break; break;
case DEVICE_PATH_PNP: case DEVICE_PATH_PNP:
sprintf(buffer, "PNP: %04x.%01x", snprintf(buffer, sizeof (buffer), "PNP: %04x.%01x",
dev->path.pnp.port, dev->path.pnp.device); dev->path.pnp.port, dev->path.pnp.device);
break; break;
case DEVICE_PATH_I2C: case DEVICE_PATH_I2C:
sprintf(buffer, "I2C: %02x:%02x", snprintf(buffer, sizeof (buffer), "I2C: %02x:%02x",
dev->bus->secondary, dev->bus->secondary,
dev->path.i2c.device); dev->path.i2c.device);
break; break;
case DEVICE_PATH_APIC: case DEVICE_PATH_APIC:
sprintf(buffer, "APIC: %02x", snprintf(buffer, sizeof (buffer), "APIC: %02x",
dev->path.apic.apic_id); dev->path.apic.apic_id);
break; break;
case DEVICE_PATH_IOAPIC: case DEVICE_PATH_IOAPIC:
sprintf(buffer, "IOAPIC: %02x", snprintf(buffer, sizeof (buffer), "IOAPIC: %02x",
dev->path.ioapic.ioapic_id); dev->path.ioapic.ioapic_id);
break; break;
case DEVICE_PATH_DOMAIN: case DEVICE_PATH_DOMAIN:
sprintf(buffer, "DOMAIN: %04x", snprintf(buffer, sizeof (buffer), "DOMAIN: %04x",
dev->path.domain.domain); dev->path.domain.domain);
break; break;
case DEVICE_PATH_CPU_CLUSTER: case DEVICE_PATH_CPU_CLUSTER:
sprintf(buffer, "CPU_CLUSTER: %01x", snprintf(buffer, sizeof (buffer), "CPU_CLUSTER: %01x",
dev->path.cpu_cluster.cluster); dev->path.cpu_cluster.cluster);
break; break;
case DEVICE_PATH_CPU: case DEVICE_PATH_CPU:
sprintf(buffer, "CPU: %02x", dev->path.cpu.id); snprintf(buffer, sizeof (buffer),
"CPU: %02x", dev->path.cpu.id);
break; break;
case DEVICE_PATH_CPU_BUS: case DEVICE_PATH_CPU_BUS:
sprintf(buffer, "CPU_BUS: %02x", dev->path.cpu_bus.id); snprintf(buffer, sizeof (buffer),
"CPU_BUS: %02x", dev->path.cpu_bus.id);
break; break;
default: default:
printk(BIOS_ERR, "Unknown device path type: %d\n", printk(BIOS_ERR, "Unknown device path type: %d\n",
@ -296,7 +300,8 @@ const char *dev_name(device_t dev)
const char *bus_path(struct bus *bus) const char *bus_path(struct bus *bus)
{ {
static char buffer[BUS_PATH_MAX]; static char buffer[BUS_PATH_MAX];
sprintf(buffer, "%s,%d", dev_path(bus->dev), bus->link_num); snprintf(buffer, sizeof (buffer),
"%s,%d", dev_path(bus->dev), bus->link_num);
return buffer; return buffer;
} }
@ -584,7 +589,7 @@ resource_t resource_max(struct resource *resource)
const char *resource_type(struct resource *resource) const char *resource_type(struct resource *resource)
{ {
static char buffer[RESOURCE_TYPE_MAX]; static char buffer[RESOURCE_TYPE_MAX];
sprintf(buffer, "%s%s%s%s", snprintf(buffer, sizeof (buffer), "%s%s%s%s",
((resource->flags & IORESOURCE_READONLY) ? "ro" : ""), ((resource->flags & IORESOURCE_READONLY) ? "ro" : ""),
((resource->flags & IORESOURCE_PREFETCH) ? "pref" : ""), ((resource->flags & IORESOURCE_PREFETCH) ? "pref" : ""),
((resource->flags == 0) ? "unused" : ((resource->flags == 0) ? "unused" :
@ -618,10 +623,12 @@ void report_resource_stored(device_t dev, struct resource *resource,
if (resource->flags & IORESOURCE_PCI_BRIDGE) { if (resource->flags & IORESOURCE_PCI_BRIDGE) {
#if CONFIG_PCI_BUS_SEGN_BITS #if CONFIG_PCI_BUS_SEGN_BITS
sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8, snprintf(buf, sizeof (buf),
"bus %04x:%02x ", dev->bus->secondary >> 8,
dev->link_list->secondary & 0xff); dev->link_list->secondary & 0xff);
#else #else
sprintf(buf, "bus %02x ", dev->link_list->secondary); snprintf(buf, sizeof (buf),
"bus %02x ", dev->link_list->secondary);
#endif #endif
} }
printk(BIOS_DEBUG, "%s %02lx <- [0x%010llx - 0x%010llx] size 0x%08llx " printk(BIOS_DEBUG, "%s %02lx <- [0x%010llx - 0x%010llx] size 0x%08llx "
@ -830,10 +837,12 @@ void show_one_resource(int debug_level, struct device *dev,
/* /*
if (resource->flags & IORESOURCE_BRIDGE) { if (resource->flags & IORESOURCE_BRIDGE) {
#if CONFIG_PCI_BUS_SEGN_BITS #if CONFIG_PCI_BUS_SEGN_BITS
sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8, snprintf(buf, sizeof (buf), "bus %04x:%02x ",
dev->bus->secondary >> 8,
dev->link[0].secondary & 0xff); dev->link[0].secondary & 0xff);
#else #else
sprintf(buf, "bus %02x ", dev->link[0].secondary); snprintf(buf, sizeof (buf),
"bus %02x ", dev->link[0].secondary);
#endif #endif
} }
*/ */

View File

@ -163,15 +163,15 @@ void x86emu_inc_decoded_inst_len (int x)
void x86emu_decode_printf (const char *x) void x86emu_decode_printf (const char *x)
{ {
sprintf(M.x86.decoded_buf+M.x86.enc_str_pos,"%s",x); strcpy(M.x86.decoded_buf+M.x86.enc_str_pos,x);
M.x86.enc_str_pos += strlen(x); M.x86.enc_str_pos += strlen(x);
} }
void x86emu_decode_printf2 (const char *x, int y) void x86emu_decode_printf2 (const char *x, int y)
{ {
char temp[100]; char temp[100];
sprintf(temp,x,y); snprintf(temp, sizeof (temp), x,y);
sprintf(M.x86.decoded_buf+M.x86.enc_str_pos,"%s",temp); strcpy(M.x86.decoded_buf+M.x86.enc_str_pos,temp);
M.x86.enc_str_pos += strlen(temp); M.x86.enc_str_pos += strlen(temp);
} }
@ -186,7 +186,7 @@ static void print_encoded_bytes (u16 s, u16 o)
int i; int i;
char buf1[64]; char buf1[64];
for (i=0; i< M.x86.enc_pos; i++) { for (i=0; i< M.x86.enc_pos; i++) {
sprintf(buf1+2*i,"%02x", fetch_data_byte_abs(s,o+i)); snprintf(buf1+2*i, 64 - 2 * i, "%02x", fetch_data_byte_abs(s,o+i));
} }
printf("%-20s ",buf1); printf("%-20s ",buf1);
} }

View File

@ -125,14 +125,14 @@ u8 h8_build_id_and_function_spec_version(char *buf, u8 buf_len)
for (i = 0; i < 8; i++) { for (i = 0; i < 8; i++) {
c = ec_read(0xf0 + i); c = ec_read(0xf0 + i);
if (c < 0x20 || c > 0x7f) { if (c < 0x20 || c > 0x7f) {
i = sprintf(str, "*INVALID"); i = snprintf(str, sizeof (str), "*INVALID");
break; break;
} }
str[i] = c; str[i] = c;
} }
/* EC firmware function specification version */ /* EC firmware function specification version */
i += sprintf(str + i, "-%u.%u", ec_read(0xef), ec_read(0xeb)); i += snprintf(str + i, sizeof (str) - i, "-%u.%u", ec_read(0xef), ec_read(0xeb));
i = MIN(buf_len, i); i = MIN(buf_len, i);
memcpy(buf, str, i); memcpy(buf, str, i);

View File

@ -78,7 +78,7 @@ const u32 link_edid_data[] = {
static char *regname(unsigned long addr) static char *regname(unsigned long addr)
{ {
static char name[16]; static char name[16];
sprintf(name, "0x%lx", addr); snprintf(name, sizeof (name), "0x%lx", addr);
return name; return name;
} }

View File

@ -88,7 +88,7 @@ setgtt(int start, int end, unsigned long base, int inc)
static char *regname(unsigned long addr) static char *regname(unsigned long addr)
{ {
static char name[16]; static char name[16];
sprintf(name, "0x%lx", addr); snprintf(name, sizeof (name), "0x%lx", addr);
return name; return name;
} }

View File

@ -88,7 +88,7 @@ static int ioread = 0, iowrite = 0;
static char *regname(unsigned long addr) static char *regname(unsigned long addr)
{ {
static char name[16]; static char name[16];
sprintf(name, "0x%lx", addr); snprintf(name, sizeof (name), "0x%lx", addr);
return name; return name;
} }

View File

@ -80,7 +80,7 @@ const u32 x60_edid_data[] = {
static char *regname(unsigned long addr) static char *regname(unsigned long addr)
{ {
static char name[16]; static char name[16];
sprintf(name, "0x%lx", addr); snprintf(name, sizeof (name), "0x%lx", addr);
return name; return name;
} }

View File

@ -657,7 +657,7 @@ static void amdfam10_set_resource(device_t dev, struct resource *resource,
store_conf_mmio_addr(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8); store_conf_mmio_addr(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8);
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -402,7 +402,7 @@ static void set_resource(device_t dev, struct resource *resource,
set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, 1) ;// [39:8] set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, 1) ;// [39:8]
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
printk(BIOS_DEBUG, "Fam12h - northbridge.c - %s - End.\n",__func__); printk(BIOS_DEBUG, "Fam12h - northbridge.c - %s - End.\n",__func__);

View File

@ -402,7 +402,7 @@ static void set_resource(device_t dev, struct resource *resource, u32 nodeid)
rbase >> 8, rend >> 8, 1); // [39:8] rbase >> 8, rend >> 8, 1); // [39:8]
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", nodeid, link_num); snprintf(buf, sizeof (buf), " <node %x link %x>", nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -400,7 +400,7 @@ static void set_resource(device_t dev, struct resource *resource, u32 nodeid)
set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, node_nums) ;// [39:8] set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, node_nums) ;// [39:8]
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -393,7 +393,7 @@ static void set_resource(device_t dev, struct resource *resource, u32 nodeid)
set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, node_nums) ;// [39:8] set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, node_nums) ;// [39:8]
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -380,7 +380,7 @@ static void set_resource(device_t dev, struct resource *resource, u32 nodeid)
set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, node_nums) ;// [39:8] set_mmio_addr_reg(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8, node_nums) ;// [39:8]
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -313,7 +313,7 @@ static void update_sspr(void *sspr, u32 nodeid, u32 cpuindex)
CONTROL = sspr + 0x8d; CONTROL = sspr + 0x8d;
STATUS = sspr + 0x8f; STATUS = sspr + 0x8f;
sprintf((char*)CPU, "%02x", (char)cpuindex); snprintf((char*)CPU, 3, "%02x", (char)cpuindex);
*CPUIN = (u8) cpuindex; *CPUIN = (u8) cpuindex;
for(i=0;i<sysconf.p_state_num;i++) { for(i=0;i<sysconf.p_state_num;i++) {

View File

@ -541,7 +541,7 @@ static void amdfam10_set_resource(device_t dev, struct resource *resource,
store_conf_mmio_addr(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8); store_conf_mmio_addr(nodeid, link_num, reg, (resource->index >>24), rbase>>8, rend>>8);
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -479,7 +479,7 @@ static void amdk8_set_resource(device_t dev, struct resource *resource, unsigned
f1_write_config32(reg, base); f1_write_config32(reg, base);
} }
resource->flags |= IORESOURCE_STORED; resource->flags |= IORESOURCE_STORED;
sprintf(buf, " <node %x link %x>", snprintf(buf, sizeof (buf), " <node %x link %x>",
nodeid, link_num); nodeid, link_num);
report_resource_stored(dev, resource, buf); report_resource_stored(dev, resource, buf);
} }

View File

@ -60,7 +60,7 @@ void acpi_create_intel_hpet(acpi_hpet_t * hpet)
static int acpi_create_serialio_ssdt_entry(int id, global_nvs_t *gnvs) static int acpi_create_serialio_ssdt_entry(int id, global_nvs_t *gnvs)
{ {
char sio_name[5] = {}; char sio_name[5] = {};
sprintf(sio_name, "S%1uEN", id); snprintf(sio_name, sizeof (sio_name), "S%1uEN", id);
return acpigen_write_name_byte(sio_name, gnvs->s0b[id] ? 1 : 0); return acpigen_write_name_byte(sio_name, gnvs->s0b[id] ? 1 : 0);
} }