From f9e7649338178f823e291386dde5086ad636b703 Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Tue, 11 Aug 2015 15:24:49 +0200 Subject: ARM: vf610: use strcpy for soc environemnt variable To create the soc environment variable we concatenate two strings on the stack. So far, strcat has been used for the first string as well as for the second string. Since the variable on the stack is not initialized, the first strcat may not start using the first entry in the character array. This then could lead to an buffer overflow on the stack. --- arch/arm/cpu/armv7/vf610/generic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/cpu/armv7/vf610/generic.c b/arch/arm/cpu/armv7/vf610/generic.c index c779aeda79..f0a6965aa9 100644 --- a/arch/arm/cpu/armv7/vf610/generic.c +++ b/arch/arm/cpu/armv7/vf610/generic.c @@ -346,7 +346,7 @@ int arch_misc_init(void) { char soc[6]; - strcat(soc, "vf"); + strcpy(soc, "vf"); strcat(soc, soc_type); setenv("soc", soc); -- cgit v1.2.3