From c96d728d8148a06a311dc56845a8e16108bdd847 Mon Sep 17 00:00:00 2001 From: William Wilgus Date: Tue, 4 Jun 2024 16:43:58 -0400 Subject: [coverity] debug-imx233.c dbg_hw_info_audio() use strlcat, fix snprintf call technically this isn't currently causing any issue but coverity correctly identified the potential for buffer ovfl Change-Id: I4af462c9860c44f22d05b5b2b4c685364823d395 --- firmware/target/arm/imx233/debug-imx233.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'firmware/target') diff --git a/firmware/target/arm/imx233/debug-imx233.c b/firmware/target/arm/imx233/debug-imx233.c index 4487952162..5d759e40aa 100644 --- a/firmware/target/arm/imx233/debug-imx233.c +++ b/firmware/target/arm/imx233/debug-imx233.c @@ -963,6 +963,7 @@ bool dbg_hw_info_audio(void) struct imx233_audioout_info_t out = imx233_audioout_get_info(); struct imx233_audioin_info_t in = imx233_audioin_get_info(); int line = 0; + size_t len; #define display_sys(st, sys, name) \ if(st.sys) \ { \ @@ -971,15 +972,17 @@ bool dbg_hw_info_audio(void) for(int i = 0; i < 2; i++) \ { \ if(st.sys##mute[i]) \ - strcat(buffer, "mute"); \ - else \ - snprintf(buffer + strlen(buffer), 64, "%d.%d", \ + strlcat(buffer, "mute", 64); \ + else { \ + len = strlen(buffer); \ + snprintf(buffer + len, 64 - len, "%d.%d", \ /* properly handle negative values ! */ \ st.sys##vol[i] / 10, (10 + (st.sys##vol[i]) % 10) % 10); \ + } \ if(i == 0) \ - strcat(buffer, " / "); \ + strlcat(buffer, " / ", 64); \ else \ - strcat(buffer, " dB"); \ + strlcat(buffer, " dB", 64); \ } \ lcd_putsf(0, line++, "%s", buffer); \ } \ -- cgit v1.2.3