Replace sprintf() calls with snprintf() to ensure proper bounds
checking when formatting strings.
In encode.c, the check now validates snprintf() return value instead
of pre-checking buffer size, providing more robust error handling.
In probe.c, snprintf() is used with proper size calculation based on
remaining buffer space.
Signed-off-by: Karel Zak <kzak@redhat.com>
(cherry picked from commit
041380f4ca7244df624bf7efdb5e27fdd3144175)
j += seqlen;
i += (seqlen-1);
} else if (str[i] == '\\' || !is_whitelisted(str[i], NULL)) {
- if (len-j < 4)
+ int rc;
+
+ rc = snprintf(&str_enc[j], len-j, "\\x%02x", (unsigned char) str[i]);
+ if (rc != 4)
goto err;
- sprintf(&str_enc[j], "\\x%02x", (unsigned char) str[i]);
j += 4;
} else {
if (len-j < 1)
int hex_size = min(sizeof(csum_hex), n * 2);
for (int i = 0; i < hex_size; i+=2) {
- sprintf(&csum_hex[i], "%02X", ((const unsigned char *) csum)[i / 2]);
- sprintf(&expected_hex[i], "%02X", ((const unsigned char *) expected)[i / 2]);
+ snprintf(&csum_hex[i], sizeof(csum_hex) - i, "%02X", ((const unsigned char *) csum)[i / 2]);
+ snprintf(&expected_hex[i], sizeof(expected_hex) - i, "%02X", ((const unsigned char *) expected)[i / 2]);
}
DBG(LOWPROBE, ul_debug(
projects / thirdparty / util-linux.git / commitdiff
