From c218d01d7a010f05878192a919cddccaf80394a0 Mon Sep 17 00:00:00 2001
From: Joel Sherrill
Date: Mon, 13 Mar 2017 10:42:24 -0500
Subject: tools/build/eolstrip.c: Use snprintf() to avoid potential buffer overflow

This was spotted by Coverity Scan.
---
 tools/build/eolstrip.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tools/build/eolstrip.c b/tools/build/eolstrip.c
index e93b45e906..091b06e47e 100644
--- a/tools/build/eolstrip.c
+++ b/tools/build/eolstrip.c
@@ -171,7 +171,9 @@ process(char *arg)
 error( ERR_ERRNO | ERR_FATAL, "Unable to open file (%s)\n", arg );
 if ( !test_only ) {
- sprintf( outname, "%s.eoltmp", arg );
+ length = snprintf( outname, BUFFER_SIZE, "%s.eoltmp", arg );
+ if (length >= BUFFER_SIZE)
+ error( ERR_ERRNO | ERR_FATAL, "Tmp file name too long\n" );
 out = fopen( outname, "w" );
 if (!out)
--
cgit v1.2.3
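Review bot: The new truncation check `if (length >= BUFFER_SIZE)` does not cover a negative return from snprintf(), and the declarations of `length` and `outname` are outside this hunk, so neither the signedness of the comparison nor that BUFFER_SIZE matches the size of `outname` can be confirmed here. If `length` is an int, consider `if (length < 0 || length >= BUFFER_SIZE)`; if `outname` is an array, using `sizeof(outname)` as the bound keeps the limit tied to the buffer itself. The error call also passes `ERR_ERRNO`, but truncation does not set errno, so the message presumably reports an unrelated errno value; `error( ERR_FATAL, "Tmp file name too long\n" );` would be more accurate. process() starts and ends outside the hunk.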