From: Theodore Ts'o
Date: Wed, 1 May 2024 21:22:55 +0000 (-0400)
Subject: e4defrag: use snprintf to assure that there can't be a buffer overflow
X-Git-Tag: v1.47.1~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d04a708ecf955610654a2015de8657642857912d;p=thirdparty%2Fe2fsprogs.git

e4defrag: use snprintf to assure that there can't be a buffer overflow

The size of msg_buffer is carefully calculated so it can never overflow, but it triggers a Coverity warning. Use snprintf instead of sprintf to silence the Coverity warning.

Addresses-Coverty-Bug: 1520603
Signed-off-by: Theodore Ts'o
---
diff --git a/misc/e4defrag.c b/misc/e4defrag.c index e3011d7c..5bfa6ff1 100644 --- a/misc/e4defrag.c +++ b/misc/e4defrag.c @@ -1206,9 +1206,8 @@ static int file_statistic(const char *file, const struct stat64 *buf, if (mode_flag & DETAIL) { /* Print statistic info */ - sprintf(msg_buffer, "[%u/%u]%.*s", - defraged_file_count, total_count, - PATH_MAX, file); + snprintf(msg_buffer, sizeof(msg_buffer), "[%u/%u]%.*s", + defraged_file_count, total_count, PATH_MAX, file); if (current_uid == ROOT_UID) { if (strlen(msg_buffer) > 40) printf("\033[79;0H\033[K%s\n"
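
Review bot: the new snprintf() call in file_statistic() uses sizeof(msg_buffer) as its bound, which is the buffer size only if msg_buffer is declared as an array at this point; the declaration is outside this hunk, so confirm it is not a pointer, where sizeof would give the pointer size and silently truncate the message. The return value is also discarded. Since the commit message says the buffer is sized so the output always fits, comparing the returned length against sizeof(msg_buffer) would make that invariant explicit instead of relying on silent truncation, and the same length could replace the strlen(msg_buffer) call in the trailing context lines. The PATH_MAX precision on `%.*s` is still worth keeping, as it documents the intended limit on `file`.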