Fix possible buffer overflow by replacing sprintf with snprintf in tmp_next
and tmp_close.
Reported by coverity.
Signed-off-by: Vivek Trivedi <t.vivek@xxxxxxxxxxx>
---
fsr/xfs_fsr.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fsr/xfs_fsr.c b/fsr/xfs_fsr.c
index 424fbce..bd459b6 100644
--- a/fsr/xfs_fsr.c
+++ b/fsr/xfs_fsr.c
@@ -1804,7 +1804,7 @@ tmp_next(char *mnt)
{
static char buf[SMBUFSZ];
- sprintf(buf, "%s/.fsr/ag%d/tmp%d",
+ snprintf(buf, SMBUFSZ, "%s/.fsr/ag%d/tmp%d",
( (strcmp(mnt, "/") == 0) ? "" : mnt),
tmp_agi,
getpid());
@@ -1823,7 +1823,7 @@ tmp_close(char *mnt)
/* No data is ever actually written so we can just do rmdir's */
for (i=0; i < fsgeom.agcount; i++) {
- sprintf(buf, "%s/.fsr/ag%d", mnt, i);
+ snprintf(buf, SMBUFSZ, "%s/.fsr/ag%d", mnt, i);
if (rmdir(buf) < 0) {
if (errno != ENOENT) {
fsrprintf(
--
1.7.9.5
_______________________________________________
xfs mailing list
xfs@xxxxxxxxxxx
http://oss.sgi.com/mailman/listinfo/xfs
