A NULL pointer argument to %s causes a NULL pointer dereference in the fixed width numerical printout code, since p is overwritten with NULL. In case of %s width is 0. Check width before dereferencing the pointer.
Signed-off-by: Benedikt Spranger <b.spran...@linutronix.de> Reviewed-by: John Ogness <john.ogn...@linutronix.de> --- lib/tiny-printf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/tiny-printf.c b/lib/tiny-printf.c index 9a70c6095b3..b2f31c4004a 100644 --- a/lib/tiny-printf.c +++ b/lib/tiny-printf.c @@ -311,7 +311,7 @@ static int _vprintf(struct printf_info *info, const char *fmt, va_list va) *info->bf = 0; info->bf = p; - while (*info->bf++ && width > 0) + while (width > 0 && info->bf && *info->bf++) width--; while (width-- > 0) info->putc(info, lz ? '0' : ' '); -- 2.45.2