new tools + fixes #9
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| } | ||
| fclose(file); | ||
| printf("Script saved to payload.dd!\n"); | ||
| printf("Script saved!\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
| if (strlen(script) + strlen(scriptBuffer) + 1 <= sizeBytes) { | ||
| strcat(scriptBuffer, script); | ||
| } else { | ||
| printf("Script buffer is full. Exiting.\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
| if (strcmp(script, "EXIT") == 0) { | ||
| // append script line to buffer | ||
| if (strlen(script) + strlen(scriptBuffer) + 1 <= sizeBytes) { | ||
| strcat(scriptBuffer, script); |
Check failure
Code scanning / devskim
If the combination of strings is larger than the destination buffer, strcat will cbuffer overflow the destination buffer Error
| // exit if command is "exit" | ||
| if (strcmp(script, "EXIT") == 0) { | ||
| // append script line to buffer | ||
| if (strlen(script) + strlen(scriptBuffer) + 1 <= sizeBytes) { |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
| // exit if command is "exit" | ||
| if (strcmp(script, "EXIT") == 0) { | ||
| // append script line to buffer | ||
| if (strlen(script) + strlen(scriptBuffer) + 1 <= sizeBytes) { |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
| return; | ||
| } | ||
|
|
||
| printf("\nWriting data to flash...\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
|
|
||
| // check if the length exceeds the available space | ||
| if (len > sizeBytes) { | ||
| printf("Error: Data exceeds available space :/\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
| void separate(const char *buffer, size_t buflen, char *array) { | ||
| // check if the buffer is empty | ||
| if (buflen == 0) { | ||
| printf("Buffer is empty.\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
| // erase memory at specified range | ||
| flash_range_erase(startAddress, sizeBytes); | ||
|
|
||
| printf("Done.\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
|
|
||
| // format the specified area | ||
| void format(void) { | ||
| printf("\nErasing flash...\n"); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
No description provided.