summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYunhee Seo <yuni.seo@samsung.com>2024-07-16 16:21:32 +0900
committerYunhee Seo <yuni.seo@samsung.com>2024-07-24 16:01:24 +0900
commit74b327e8fe2cfaa6cdc6b3e4994cdbf5c361938d (patch)
tree2ac1395812907b7fbc04ade7ba2f208df01967e9
parente20823a5b4ce4cc25f7e90461575434c0de80651 (diff)
downloaddevice-visionfive2-accepted/tizen_unified.tar.gz
device-visionfive2-accepted/tizen_unified.tar.bz2
device-visionfive2-accepted/tizen_unified.zip
There was a missing code for handling the null character so that it doesn't exceed the array size when reading and storing strings. The code has been modified to handle the array safely. To avoid overflow issue, this is necessary. Change-Id: Ib75301a07906391c57fb739ef3399ff211cd1503 Signed-off-by: Yunhee Seo <yuni.seo@samsung.com>
-rw-r--r--src/util.c21
1 files changed, 10 insertions, 11 deletions
diff --git a/src/util.c b/src/util.c
index e2abf4b..87e0fcc 100644
--- a/src/util.c
+++ b/src/util.c
@@ -30,19 +30,18 @@ static int sysfs_read_buf(char *path, char *buf, int len)
fd = open(path, O_RDONLY);
if (fd == -1)
- return -ENOENT;
+ return -errno;
r = read(fd, buf, len);
close(fd);
- if ((r < 0) || (r > len))
+ if ((r < 0) || (r >= len)) {
+ buf[0] = '\0';
return -EIO;
+ }
- /* Replace '\n' with space (ascii code is 32) */
- buf[strcspn(buf, "\n")] = (char)32;
buf[r] = '\0';
-
- return 0;
+ return r;
}
int sysfs_write_buf(char *path, char *buf)
@@ -54,7 +53,7 @@ int sysfs_write_buf(char *path, char *buf)
fd = open(path, O_WRONLY);
if (fd == -1)
- return -ENOENT;
+ return -errno;
w = write(fd, buf, strlen(buf));
close(fd);
@@ -67,13 +66,13 @@ int sysfs_write_buf(char *path, char *buf)
int sysfs_read_int(char *path, int *val)
{
- char buf[MAX_BUF_SIZE + 1];
+ char buf[MAX_BUF_SIZE];
int r;
if ((!path) || (!val))
return -EINVAL;
- r = sysfs_read_buf(path, buf, MAX_BUF_SIZE);
+ r = sysfs_read_buf(path, buf, sizeof(buf));
if (r < 0)
return r;
@@ -97,13 +96,13 @@ int sysfs_read_str(char *path, char *str, int len)
int sysfs_write_int(char *path, int val)
{
- char buf[MAX_BUF_SIZE + 1];
+ char buf[MAX_BUF_SIZE];
int w;
if (!path)
return -EINVAL;
- snprintf(buf, MAX_BUF_SIZE, "%d", val);
+ snprintf(buf, sizeof(buf), "%d", val);
w = sysfs_write_buf(path, buf);
if (w < 0)
return w;