From: Masahiro Yamada Date: Sun, 28 Jan 2018 09:41:23 +0000 (+0900) Subject: kconfig: revert change that was not needed for -Wformat-security X-Git-Tag: v2018.03-rc1~3 X-Git-Url: https://git.sur5r.net/?p=u-boot;a=commitdiff_plain;h=1414e09b4f25f2ad5886f124024e10878feb75f0 kconfig: revert change that was not needed for -Wformat-security Recent GCC versions warn if the format string is not a literal because the compiler cannot check the argument validity at compile time. Commit 192bc6948b02 ("Fix GCC format-security errors and convert sprintfs.") blindly replaced sprintf() with strcpy(), including many cases where the format parameter is a string literal. For the kconfig change: sprintf(header, " "); ..., here the format parameter is a string literal " ", so it is definitely equivalent to: strcpy(header, " "); Of course, if the 'header' did not have enough length for containing " ", it would be a security problem, but another problem. (in this case, the 'header' is 4 byte length buffer, so it is not a problem at all.) The kconfig code is kept as synced with Linux as possible, but this change made the code out-of-sync for nothing. Just reverting. Signed-off-by: Masahiro Yamada --- diff --git a/scripts/kconfig/mconf.c b/scripts/kconfig/mconf.c index 953d5c75e5..315ce2c7cb 100644 --- a/scripts/kconfig/mconf.c +++ b/scripts/kconfig/mconf.c @@ -379,7 +379,7 @@ static void update_text(char *buf, size_t start, size_t end, void *_data) data->targets[k] = pos->target; k++; } else { - strcpy(header, " "); + sprintf(header, " "); } memcpy(buf + pos->offset, header, sizeof(header) - 1);