From 796a109dbe9d5d406fe724cf542b4b8b1a0d6a76 Mon Sep 17 00:00:00 2001
From: Tycho Andersen
Date: Mon, 24 Oct 2016 16:55:49 -0600
Subject: [PATCH] c/r: use snprintf to compute device name

This will never actually overflow, because %d is 32 bits and eth is 128 bytes long, but safety first :)

Signed-off-by: Tycho Andersen
---
 src/lxc/criu.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index 16d439a89..094096777 100644
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -443,8 +443,11 @@ static void exec_criu(struct criu_opts *opts)
 if (strlen(n->name) >= sizeof(eth))
 goto err;
 strncpy(eth, n->name, sizeof(eth));
- } else
- sprintf(eth, "eth%d", netnr);
+ } else {
+ ret = snprintf(eth, sizeof(eth), "eth%d", netnr);
+ if (ret < 0 || ret >= sizeof(eth))
+ goto err;
+ }
 switch (n->type) {
 case LXC_NET_VETH:
-- 
2.47.2
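Review bot: The new truncation check `ret >= sizeof(eth)` compares what is presumably a signed `int` (the declaration of `ret` is outside the hunk) against a `size_t`, so `ret` is converted to unsigned for the comparison. It is correct here only because `ret < 0` is tested first and short-circuits; writing the conversion out, `if (ret < 0 || (size_t)ret >= sizeof(eth))`, keeps the check right if the conditions are ever reordered and avoids a -Wsign-compare warning. The branch just above still copies `n->name` with `strncpy` behind a separate `strlen` test; that pairing does guarantee termination, but using the same `snprintf`-and-check form in both branches would leave a single truncation idiom to audit. The body of exec_criu starts and ends outside the hunk.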