From: Karel Zak Date: Tue, 7 Oct 2025 10:10:08 +0000 (+0200) Subject: libfdisk: use snprintf() instead of sprintf() X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=417d8c564905dafb2522ec7f93b6bfd124a35e0f;p=thirdparty%2Futil-linux.git libfdisk: use snprintf() instead of sprintf() Signed-off-by: Karel Zak --- diff --git a/libfdisk/src/gpt.c b/libfdisk/src/gpt.c index 8a052852a..298c88a52 100644 --- a/libfdisk/src/gpt.c +++ b/libfdisk/src/gpt.c @@ -1736,7 +1736,7 @@ static char *encode_to_utf8(unsigned char *src, size_t count) static int gpt_entry_attrs_to_string(struct gpt_entry *e, char **res) { unsigned int n, count = 0; - size_t l; + size_t l, res_size; char *bits, *p; uint64_t attrs; @@ -1752,10 +1752,11 @@ static int gpt_entry_attrs_to_string(struct gpt_entry *e, char **res) /* Note that sizeof() is correct here, we need separators between * the strings so also count \0 is correct */ - *res = calloc(1, sizeof(GPT_ATTRSTR_NOBLOCK) + + res_size = sizeof(GPT_ATTRSTR_NOBLOCK) + sizeof(GPT_ATTRSTR_REQ) + sizeof(GPT_ATTRSTR_LEGACY) + - sizeof("GUID:") + (GPT_ATTRBIT_GUID_COUNT * 3)); + sizeof("GUID:") + (GPT_ATTRBIT_GUID_COUNT * 3); + *res = calloc(1, res_size); if (!*res) return -errno; @@ -1779,15 +1780,20 @@ static int gpt_entry_attrs_to_string(struct gpt_entry *e, char **res) for (n = GPT_ATTRBIT_GUID_FIRST; n < GPT_ATTRBIT_GUID_FIRST + GPT_ATTRBIT_GUID_COUNT; n++) { + int rc; if (!isset(bits, n)) continue; if (!count) { if (p != *res) *p++ = ' '; - p += sprintf(p, "GUID:%u", n); + rc = snprintf(p, res_size - (p - *res), "GUID:%u", n); } else - p += sprintf(p, ",%u", n); + rc = snprintf(p, res_size - (p - *res), ",%u", n); + + if (rc < 0 || (size_t) rc >= res_size - (p - *res)) + break; + p += rc; count++; }