From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Thu, 11 Feb 2021 09:46:47 +0000 (+0100)
Subject: seccomp: convert to strnprintf()
X-Git-Tag: lxc-5.0.0~292^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8a6bea9432fb4ad51a131382e4d30e50c6c98d93;p=thirdparty%2Flxc.git

seccomp: convert to strnprintf()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 72cbb530a..4e4180385 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1418,7 +1418,13 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 	resp->id = req_id = req->id;
 	TRACE("Received seccomp notification with id(%llu)", (long long unsigned int)req_id);
 
-	snprintf(mem_path, sizeof(mem_path), "/proc/%d", req->pid);
+	ret = strnprintf(mem_path, sizeof(mem_path), "/proc/%d", req->pid);
+	if (ret < 0) {
+		seccomp_notify_default_answer(fd, req, resp, hdlr);
+		SYSERROR("Failed to create path to process's proc directory");
+		goto out;
+	}
+
 	fd_pid = open(mem_path, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
 	if (fd_pid < 0) {
 		seccomp_notify_default_answer(fd, req, resp, hdlr);
@@ -1426,7 +1432,13 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 		goto out;
 	}
 
-	snprintf(mem_path, sizeof(mem_path), "/proc/%d/mem", req->pid);
+	ret = strnprintf(mem_path, sizeof(mem_path), "/proc/%d/mem", req->pid);
+	if (ret < 0) {
+		seccomp_notify_default_answer(fd, req, resp, hdlr);
+		SYSERROR("Failed to create path to process's virtual memory");
+		goto out;
+	}
+
 	fd_mem = open(mem_path, O_RDWR | O_CLOEXEC);
 	if (fd_mem < 0) {
 		seccomp_notify_default_answer(fd, req, resp, hdlr);