[PATCH 11/16] fs: use safe_strncpy instead of sprintf

[Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>]

This is safe against string overflows.

Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
---
 fs/fs.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/fs.c b/fs/fs.c
index 059f67a..8f43481 100644
--- a/fs/fs.c
+++ b/fs/fs.c
@@ -30,6 +30,7 @@
 #include <xfuncs.h>
 #include <init.h>
 #include <module.h>
+#include <libbb.h>
 
 void *read_file(const char *filename, size_t *size)
 {
@@ -783,7 +784,7 @@ int mount(const char *device, const char *fsname, const char *_path)
 			goto out;
 		}
 	}
-	sprintf(fsdev->dev.name, "%s", fsname);
+	safe_strncpy(fsdev->dev.name, fsname, MAX_DRIVER_NAME);
 	fsdev->dev.type_data = fsdev;
 	fsdev->dev.id = get_free_deviceid(fsdev->dev.name);
 
@@ -807,7 +808,7 @@ int mount(const char *device, const char *fsname, const char *_path)
 
 	/* add mtab entry */
 	entry = &fsdev->mtab; 
-	sprintf(entry->path, "%s", path);
+	safe_strncpy(entry->path, path, PATH_MAX);
 	entry->dev = dev;
 	entry->parent_device = parent_device;
 	entry->next = NULL;
-- 
1.7.2.3


_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox