diff options
| author | Doug Goldstein <cardoe@cardoe.com> | 2013-05-01 11:30:26 -0500 |
|---|---|---|
| committer | Takashi Iwai <tiwai@suse.de> | 2013-05-06 10:55:07 +0200 |
| commit | 888275e66cad77c99c747af5cc5dc981059d0078 (patch) | |
| tree | 887f7771aa052e142eb1413fbf550e94884bae62 | |
| parent | b4f34ac26037c10ac51c4bb29203500165848977 (diff) | |
| download | alsa-utils-888275e66cad77c99c747af5cc5dc981059d0078.tar.gz | |
alsactl: sprintf to snprintf prevent buffer overflow
sprintf() is a bit dangerous unless you explicitly know your type size
and want to keep it in sync always. Its safer to just use snprintf() and
ensure your string doesn't overflow and is NULL terminated.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
| -rw-r--r-- | alsactl/lock.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/alsactl/lock.c b/alsactl/lock.c index fce208b..587a109 100644 --- a/alsactl/lock.c +++ b/alsactl/lock.c @@ -53,9 +53,9 @@ static int state_lock_(const char *file, int lock, int timeout) lck.l_len = 11; lck.l_pid = 0; if (lock) { - sprintf(lcktxt, "%10li\n", (long)getpid()); + snprintf(lcktxt, sizeof(lcktxt), "%10li\n", (long)getpid()); } else { - sprintf(lcktxt, "%10s\n", ""); + snprintf(lcktxt, sizeof(lcktxt), "%10s\n", ""); } while (fd < 0 && timeout-- > 0) { fd = open(nfile, O_RDWR); |