github
/
arm-trusted-firmware
mirror of https://github.com/ARM-software/arm-trusted-firmware.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge changes from topic "banned_api_list" into integration 

* changes:
  Fix the License header template in imx_aipstz.c
  docs: Add the list of banned/use with caution APIs
pull/1931/head
Soby Mathew 5 years ago
committed by TrustedFirmware Code Review
parent
39c92b6271 2aca35fd9b
commit
0d220b3519
2 changed files with 37 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 35
      docs/process/coding-guidelines.rst
  2. 4
      plat/imx/imx8m/imx_aipstz.c

35
docs/process/coding-guidelines.rst
View File

@ -263,6 +263,41 @@ a warning for this.
Existing typedefs will be retained for compatibility.
Libc functions that are banned or to be used with caution
---------------------------------------------------------
Below is a list of functions that present security risks and either must not be
used (Banned) or are discouraged from use and must be used with care (Caution).
+------------------------+-----------+--------------------------------------+
| libc function | Status | Comments |
+========================+===========+======================================+
| ``strcpy, wcscpy`` | Banned | use strlcpy instead |
| ``strncpy`` | | |
+------------------------+-----------+--------------------------------------+
| ``strcat, wcscat`` | Banned | use strlcat instead |
| ``strncat`` | | |
+----------------------- +-----------+--------------------------------------+
| ``sprintf, vsprintf`` | Banned | use snprintf, vsnprintf |
| | | instead |
+---------------------- -+-----------+--------------------------------------+
| ``snprintf`` | Caution | ensure result fits in buffer |
| | | i.e : snprintf(buf,size...) < size |
+------------------------+-----------+--------------------------------------+
| ``vsnprintf`` | Caution | inspect va_list match types |
| | | specified in format string |
+------------------------+-----------+--------------------------------------+
| ``strtok`` | Banned | use strtok_r or strsep instead |
+------------------------+-----------+--------------------------------------+
| ``strtok_r, strsep`` | Caution | inspect for terminated input buffer |
+------------------------+-----------+--------------------------------------+
| ``ato*`` | Banned | use equivalent strto* functions |
+------------------------+-----------+--------------------------------------+
| ``*toa`` | Banned | Use snprintf instead |
+------------------------+-----------+--------------------------------------+
The `libc` component in the codebase will not add support for the banned APIs.
Error handling and robustness
-----------------------------

4
plat/imx/imx8m/imx_aipstz.c
View File

@ -1,7 +1,7 @@
/*
* copyright (c) 2019, arm limited and contributors. all rights reserved.
* Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.
*
* spdx-license-identifier: bsd-3-clause
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <lib/mmio.h>

Write Preview
Loading…
Cancel
Save