On 09/03/2023 03.12, Ying-Chun Liu (PaulLiu) wrote:
> From: Tom Cherry <tomche...@google.com>
>
> vsnprintf_internal() adds 'size' to 'buf' and vsprintf() sets 'size'
> to 'INT_MAX' which can overflow.

Yes, and? vsprintf_internal then detects that by looking at whether "end" is now before "buf", and if so corrects it by setting end to the largest possible address - which is more or less the same you do here, except if for the platform in question sizeof(size_t)!=sizeof(void *).

So what exactly does this fix? That piece of code is stolen from linux, so if it's a problem in U-Boot it most definitely should also show up in linux, which it doesn't.

More details please. What platform is this, what is sizeof(size_t) and sizeof(void *) and how does the amount of actual RAM come into the picture?

Rasmus
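
The wraparound check discussed in this thread, as an added example that is not part of the original messages and is not U-Boot or Linux code. It assumes a 32-bit address space modelled with `uint32_t` so that the wrap is well defined (overflowing a real pointer is undefined behaviour in C); `clamp_end`, `struct bounds` and the sample addresses are hypothetical and constructed for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Outcome of bounding an output buffer of 'size' bytes starting at 'buf'. */
struct bounds {
    uint32_t end;     /* modelled address used as the write limit */
    uint32_t size;    /* usable size after any clamp */
    int wrapped;      /* 1 if buf + size wrapped past the top of memory */
};

/*
 * Compute end = buf + size in a modelled 32-bit address space.
 * If the sum wraps, "end" lands before "buf"; in that case clamp end to
 * the largest possible address and shrink size to match.
 */
static struct bounds clamp_end(uint32_t buf, uint32_t size)
{
    struct bounds b;

    b.end = buf + size;            /* unsigned arithmetic: wraps modulo 2^32 */
    b.size = size;
    b.wrapped = b.end < buf;
    if (b.wrapped) {
        b.end = UINT32_MAX;        /* largest possible modelled address */
        b.size = b.end - buf;
    }
    return b;
}

int main(void)
{
    /* Constructed buffer addresses: low memory, just below and above 2 GiB. */
    const uint32_t addrs[] = { 0x00100000u, 0x80000000u, 0x80000001u, 0xC0000000u };
    size_t i;

    for (i = 0; i < sizeof(addrs) / sizeof(addrs[0]); i++) {
        /* size = INT_MAX, as passed by an unbounded vsprintf() */
        struct bounds b = clamp_end(addrs[i], (uint32_t)INT_MAX);

        printf("buf=0x%08x end=0x%08x size=0x%08x wrapped=%d\n",
               (unsigned)addrs[i], (unsigned)b.end, (unsigned)b.size, b.wrapped);
    }
    return 0;
}
```

In this model the sum only wraps when the buffer sits above the 2 GiB mark, so where the buffer lives in the address space decides whether the clamp is taken.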