From 140c8311f7cdf954d12cc18c183a37a717916a4d Mon Sep 17 00:00:00 2001 From: Soby Mathew Date: Thu, 20 Jun 2019 12:46:11 +0100 Subject: [PATCH 1/2] docs: Add the list of banned/use with caution APIs Credit to sam.ellis@arm.com for the input to create the list. Change-Id: Id70a8eddc5f2490811bebb278482c61950f10cce Signed-off-by: Soby Mathew --- docs/process/coding-guidelines.rst | 35 ++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/docs/process/coding-guidelines.rst b/docs/process/coding-guidelines.rst index d524d7331..093d66be3 100644 --- a/docs/process/coding-guidelines.rst +++ b/docs/process/coding-guidelines.rst 
@@ -263,6 +263,41 @@ a warning for this. Existing typedefs will be retained for compatibility. +Libc functions that are banned or to be used with caution +--------------------------------------------------------- + +Below is a list of functions that present security risks and either must not be +used (Banned) or are discouraged from use and must be used with care (Caution). + ++------------------------+-----------+--------------------------------------+ +| libc function | Status | Comments | ++========================+===========+======================================+ +| ``strcpy, wcscpy`` | Banned | use strlcpy instead | +| ``strncpy`` | | | ++------------------------+-----------+--------------------------------------+ +| ``strcat, wcscat`` | Banned | use strlcat instead | +| ``strncat`` | | | ++----------------------- +-----------+--------------------------------------+ +| ``sprintf, vsprintf`` | Banned | use snprintf, vsnprintf | +| | | instead | ++---------------------- -+-----------+--------------------------------------+ +| ``snprintf`` | Caution | ensure result fits in buffer | +| | | i.e : snprintf(buf,size...) 
< size | ++------------------------+-----------+--------------------------------------+ +| ``vsnprintf`` | Caution | inspect va_list match types | +| | | specified in format string | ++------------------------+-----------+--------------------------------------+ +| ``strtok`` | Banned | use strtok_r or strsep instead | ++------------------------+-----------+--------------------------------------+ +| ``strtok_r, strsep`` | Caution | inspect for terminated input buffer | ++------------------------+-----------+--------------------------------------+ +| ``ato*`` | Banned | use equivalent strto* functions | ++------------------------+-----------+--------------------------------------+ +| ``*toa`` | Banned | Use snprintf instead | ++------------------------+-----------+--------------------------------------+ + +The `libc` component in the codebase will not add support for the banned APIs. + Error handling and robustness ----------------------------- From 2aca35fd9b37f6c2482f8d807267400d18d17830 Mon Sep 17 00:00:00 2001 From: Soby Mathew Date: Thu, 20 Jun 2019 13:56:04 +0100 Subject: [PATCH 2/2] Fix the License header template in imx_aipstz.c Signed-off-by: Soby Mathew Change-Id: I2281b3c1b8a0f2caa751c746b7835f998183e0af --- plat/imx/imx8m/imx_aipstz.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plat/imx/imx8m/imx_aipstz.c b/plat/imx/imx8m/imx_aipstz.c index a36e2961a..ecf8b1dda 100644 --- a/plat/imx/imx8m/imx_aipstz.c +++ b/plat/imx/imx8m/imx_aipstz.c @@ -1,7 +1,7 @@ /* - * copyright (c) 2019, arm limited and contributors. all rights reserved. + * Copyright (c) 2019, Arm Limited and Contributors. All rights reserved. * - * spdx-license-identifier: bsd-3-clause + * SPDX-License-Identifier: BSD-3-Clause */ #include
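Review bot: Two border rows in the table added to docs/process/coding-guidelines.rst are malformed: the row after the strcat entry reads `+----------------------- +-----------+` and the row after the sprintf entry reads `+---------------------- -+-----------+`, each with a space where a dash should be, so the grid table is likely to be rejected as malformed when the docs are built. Replace the space with `-` in both rows so every border matches the `+------------------------+-----------+` pattern used elsewhere in the table. In the same hunk, the snprintf Caution text gives the check as `snprintf(buf,size...) < size`; snprintf can also return a negative value on error, so the guidance would be more robust stated as a result that is both non-negative and less than size. Finally, the closing sentence marks libc with single backticks, while the table uses double backticks for literals; use double backticks there too so it renders as a literal.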