From: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Date: Wed, 20 Jul 2022 17:16:15 +0000 (-0600)
Subject: api.c: fix string termination in cgroup_get_procname_from_procfs()
X-Git-Tag: v2.0.3~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9612128edd03ba5085cd0c169685915cd7d6e2c8;p=thirdparty%2Flibcgroup.git

api.c: fix string termination in cgroup_get_procname_from_procfs()

Fix non-terminated string warning, reported by Coverity tool:

CID 258273 (#2 of 2): String not null terminated (STRING_NULL)6.
string_null: Passing unterminated string buf to strdup, which expects a
null-terminated string.

use snprintf() instead of sprintf(), to string terminate
cgroup_get_procname_from_procfs().

Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
(cherry picked from commit 422c0300583a7b450838e4936ba0d51584354831)
---

diff --git a/src/api.c b/src/api.c
index 1c080b2b..b1b57d92 100644
--- a/src/api.c
+++ b/src/api.c
@@ -5321,7 +5321,7 @@ int cgroup_get_procname_from_procfs(pid_t pid, char **procname)
 	 * Get the full patch of process name from /proc/<pid>/exe.
 	 */
 	memset(buf, '\0', sizeof(buf));
-	sprintf(path, "/proc/%d/exe", pid);
+	snprintf(path, FILENAME_MAX, "/proc/%d/exe", pid);
 	if (readlink(path, buf, sizeof(buf)) < 0) {
 		/*
 		 * readlink() fails if a kernel thread, and a process