Hi Tom, Yes, I think Rasmus is correct. I didn't have any real cases that can trigger the bug. So let's don't include this patch. I'll see if I can revert this in AOSP's branch.
Yours, Paul Y On Tue, 15 Aug 2023 at 22:42, Tom Rini <tr...@konsulko.com> wrote: > On Thu, Mar 09, 2023 at 10:12:21AM +0800, Ying-Chun Liu (PaulLiu) wrote: > > > From: Tom Cherry <tomche...@google.com> > > > > vsnprintf_internal() adds 'size' to 'buf' and vsprintf() sets 'size' > > to 'INT_MAX' which can overflow. This causes sprintf() to fail when > > initializing the environment on 8GB. > > > > Instead of using 'INT_MAX', we use SIZE_MAX - buf, which is the > > largest possible string that could fit without overflowing 'size'. > > > > Signed-off-by: Tom Cherry <tomche...@google.com> > > [ Paul: pick from the Android tree. Rebase to the upstream ] > > Signed-off-by: Ying-Chun Liu (PaulLiu) <paul....@linaro.org> > > Cc: Tom Rini <tr...@konsulko.com> > > Link: > https://android.googlesource.com/platform/external/u-boot/+/43aae5d4415e0f9d744fb798acd52429d09957ce > > So, this link here leads back to > https://issuetracker.google.com/issues/200479053 which isn't public. > > Rasmus followed up and asked pointed questions, that weren't followed up > on. > > -- > Tom >
