[PATCH 07/11] xfsprogs: xfs_fsr: replace sprintf with snprintf to avoid buffer overflow

Wed Dec 2 05:19:23 CST 2015

Fix possible buffer overflow by replacing sprintf with snprintf in tmp_next
and tmp_close.
Reported by coverity.

Signed-off-by: Vivek Trivedi <t.vivek at samsung.com>
---
 fsr/xfs_fsr.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fsr/xfs_fsr.c b/fsr/xfs_fsr.c
index 424fbce..bd459b6 100644
--- a/fsr/xfs_fsr.c
+++ b/fsr/xfs_fsr.c
@@ -1804,7 +1804,7 @@ tmp_next(char *mnt)
 {
 	static char	buf[SMBUFSZ];
 
-	sprintf(buf, "%s/.fsr/ag%d/tmp%d",
+	snprintf(buf, SMBUFSZ, "%s/.fsr/ag%d/tmp%d",
 	        ( (strcmp(mnt, "/") == 0) ? "" : mnt),
 	        tmp_agi,
 	        getpid());
@@ -1823,7 +1823,7 @@ tmp_close(char *mnt)
 
 	/* No data is ever actually written so we can just do rmdir's */
 	for (i=0; i < fsgeom.agcount; i++) {
-		sprintf(buf, "%s/.fsr/ag%d", mnt, i);
+		snprintf(buf, SMBUFSZ, "%s/.fsr/ag%d", mnt, i);
 		if (rmdir(buf) < 0) {
 			if (errno != ENOENT) {
 				fsrprintf(
-- 
1.7.9.5

