From: Willy Tarreau
Date: Fri, 7 Apr 2023 13:06:42 +0000 (+0200)
Subject: CLEANUP: tcpcheck: remove the only occurrence of sprintf() in the code
X-Git-Tag: v2.8-dev7~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a0fa577070bdeaf5f1c559eee0fa435122d5d5c6;p=thirdparty%2Fhaproxy.git
CLEANUP: tcpcheck: remove the only occurrence of sprintf() in the code
There's a single sprintf() in the whole code, in the "option smtpchk" parser in tcpcheck.c. Let's turn it to a safer snprintf().
---
diff --git a/src/tcpcheck.c b/src/tcpcheck.c
index 085f42768a..55fd190cf2 100644
--- a/src/tcpcheck.c
+++ b/src/tcpcheck.c
@@ -4262,9 +4262,10 @@ int proxy_parse_smtpchk_opt(char **args, int cur_arg, struct proxy *curpx, const
 if (*args[cur_arg] && *args[cur_arg+1] &&
 (strcmp(args[cur_arg], "EHLO") == 0 || strcmp(args[cur_arg], "HELO") == 0)) {
 /* + space (1) + + null byte (1) */
- cmd = calloc(strlen(args[cur_arg]) + 1 + strlen(args[cur_arg+1]) + 1, sizeof(*cmd));
+ size_t len = strlen(args[cur_arg]) + 1 + strlen(args[cur_arg+1]) + 1;
+ cmd = calloc(len, 1);
 if (cmd)
- sprintf(cmd, "%s %s", args[cur_arg], args[cur_arg+1]);
+ snprintf(cmd, len, "%s %s", args[cur_arg], args[cur_arg+1]);
 }
 else {
 /* this just hits the default for now, but you could potentially expand it to allow for other stuff
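Review bot: The return value of the new `snprintf(cmd, len, "%s %s", ...)` call is discarded, so the bound only holds as long as the hand-computed `len` and the format string stay in step. Today they match exactly (two strings, one space, one NUL), so nothing can be truncated. If the format is later extended without updating `len`, the SMTP greeting would be silently cut short instead of overflowing, and nothing would report it. I would record the invariant next to the call, e.g. `/* len is exact for "%s %s": snprintf() cannot truncate here */`, or compare the result against `len` and treat a mismatch as a parse error. The `cmd == NULL` case after a failed `calloc()` is not handled inside this hunk; presumably the check sits after the `else` branch, which continues past the visible lines and should be confirmed there.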