notifyd: fix virtually impossible buffer overflows
Spotted by Coverity Scan
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
---
:100644 100644 7b625c9... 3091d2f... M cman/notifyd/main.c
cman/notifyd/main.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/cman/notifyd/main.c b/cman/notifyd/main.c
index 7b625c9..3091d2f 100644
--- a/cman/notifyd/main.c
+++ b/cman/notifyd/main.c
@@ -136,7 +136,7 @@ static void lockfile(void)
exit(EXIT_FAILURE);
}
- sprintf(buf, "%d
", getpid());
+ snprintf(buf, sizeof(buf) - 1, "%d
", getpid());
error = write(fd, buf, strlen(buf));
if (error <= 0) {
@@ -182,7 +182,7 @@ static void init_logging(int reconf)
int logfile_priority = SYSLOGLEVEL;
memset(logfile, 0, PATH_MAX);
- sprintf(logfile, LOGDIR "/cmannotifyd.log");
+ snprintf(logfile, sizeof(logfile) - 1, LOGDIR "/cmannotifyd.log");
ccs_handle = ccs_connect();
if (ccs_handle > 0) {
--
1.7.4.4
|
