[PATCH] Utils: Change sprintf to snprintf

[PATCH] Utils: Change sprintf to snprintf

[Mateusz Kusiak]

Using sprintf can cause segmentation fault by exceeding the size of buffer array.

Signed-off-by: Mateusz Kusiak <mateusz.kusiak@intel.com>
---
 util.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/util.c b/util.c
index cdf1da24..ea07277c 100644
--- a/util.c
+++ b/util.c
@@ -947,12 +947,12 @@ dev_t devnm2devid(char *devnm)
 	/* First look in /sys/block/$DEVNM/dev for %d:%d
 	 * If that fails, try parsing out a number
 	 */
-	char path[100];
+	char path[PATH_MAX];
 	char *ep;
 	int fd;
 	int mjr,mnr;
 
-	sprintf(path, "/sys/block/%s/dev", devnm);
+	snprintf(path, sizeof(path), "/sys/block/%s/dev", devnm);
 	fd = open(path, O_RDONLY);
 	if (fd >= 0) {
 		char buf[20];
-- 
2.26.2

Re: [PATCH] Utils: Change sprintf to snprintf

[Jes Sorensen]

On 8/12/21 7:48 AM, Mateusz Kusiak wrote:
> Using sprintf can cause segmentation fault by exceeding the size of buffer array.
> 
> Signed-off-by: Mateusz Kusiak <mateusz.kusiak@intel.com>
> ---
>  util.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Applied, thanks!

Jes