From: Florian Forster Date: Tue, 28 Nov 2023 13:42:54 +0000 (+0100) Subject: cpu plugin: Fix potential buffer overflow. X-Git-Tag: 6.0.0-rc0~42^2~17 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=782de83be4c0658a5f64f030f33a397f01efbf4c;p=thirdparty%2Fcollectd.git cpu plugin: Fix potential buffer overflow. ``` In function 'cpu_commit_without_aggregation', inlined from 'cpu_commit' at src/cpu.c:563:5, inlined from 'cpu_read' at src/cpu.c:925:3: src/cpu.c:534:50: note: directive argument in the range [0, 18446744073709551614] 534 | snprintf(cpu_num_str, sizeof(cpu_num_str), "%zu", cpu_num); | ^~~~~ src/cpu.c:534:7: note: 'snprintf' output between 2 and 21 bytes into a destination of size 16 534 | snprintf(cpu_num_str, sizeof(cpu_num_str), "%zu", cpu_num); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ```
---
diff --git a/src/cpu.c b/src/cpu.c
index 830f11415..436d2c55a 100644
--- a/src/cpu.c
+++ b/src/cpu.c
@@ -530,8 +530,8 @@ static void cpu_commit_without_aggregation(void) /* {{{ */
 if (!s->has_value)
 continue;
- char cpu_num_str[16];
- snprintf(cpu_num_str, sizeof(cpu_num_str), "%zu", cpu_num);
+ char cpu_num_str[32] = {0};
+ ssnprintf(cpu_num_str, sizeof(cpu_num_str), "%zu", cpu_num);
 metric_label_set(&m, "cpu", cpu_num_str);
 m.value.derive = s->conv.last_value.derive;
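Review bot: The new size `32` on `cpu_num_str` is a bare constant with nothing tying it to the `%zu` argument; a one-line comment such as `/* "%zu" of a 64-bit size_t is at most 20 digits + NUL = 21 bytes */` would record why it is sufficient, matching the "between 2 and 21 bytes" in the quoted compiler note. The removed `snprintf` call was already bounded by `sizeof(cpu_num_str)`, so the old worst case appears to be a truncated `cpu` label rather than a write past the buffer, which matters when deciding whether this needs backporting as a memory-safety fix. `ssnprintf` is not defined in this hunk; if it can report truncation, its return value is ignored here, which is harmless only as long as the buffer stays at least 21 bytes. The enclosing function `cpu_commit_without_aggregation` starts and ends outside the hunk.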