From 7c0e91c6779f2a06073026d277021d8711200c01 Mon Sep 17 00:00:00 2001
From: Jon Trulson <jon@radscan.com>
Date: Tue, 17 Aug 2021 14:01:53 -0600
Subject: [PATCH] auphone: use snprintf to avoid potential buffer overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
clients/audio/auphone/auphone.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/clients/audio/auphone/auphone.c b/clients/audio/auphone/auphone.c
index fe4c4a4..a378dcc 100644
--- a/clients/audio/auphone/auphone.c
+++ b/clients/audio/auphone/auphone.c
@@ -345,7 +345,8 @@ EventHandler(AuServer *aud, AuEvent *ev, AuEventHandlerRec *handler)
static void
createEmptyBucket(GlobalDataPtr g, AuServer *aud, char *server, AuFlowID flow)
{
- char buf[100];
+# define BUFFER_LEN (100)
+ char buf[BUFFER_LEN];
AuString desc;
int i;
ServerPtr r = &g->remote;
@@ -357,8 +358,8 @@ createEmptyBucket(GlobalDataPtr g, AuServer *aud, char *server, AuFlowID flow)
break;
/* format is: id, version, user, server, flow, deviceNum, multEl */
- sprintf(buf, "%s %s %s %s %d %d 1", BUSY, VERSION, (char *) getenv("USER"),
- server, flow, i);
+ snprintf(buf, BUFFER_LEN, "%s %s %s %s %d %d 1",
+ BUSY, VERSION, (char *) getenv("USER"), server, flow, i);
AuSetString(&desc, AuStringLatin1, strlen(buf), buf);
AuCreateBucket(aud, AuFormatULAW8, 1, AuAccessListMask, 0, 0, &desc, NULL);
}
--
2.34.1