From 30aa8dbe4d49624aeea9f906fccae002aab158f2 Mon Sep 17 00:00:00 2001 From: Radostin Stoyanov Date: Thu, 23 May 2024 17:17:03 +0100 Subject: [PATCH] mount: fix unbounded write Replace sprintf() with snprintf() and specify maximum length of characters to avoid potential overflow. Reported-by: GitHub CodeQL (https://codeql.github.com/) Signed-off-by: Radostin Stoyanov --- criu/mount.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/criu/mount.c b/criu/mount.c index afbd24281..82bbd52d6 100644 --- a/criu/mount.c +++ b/criu/mount.c @@ -98,7 +98,7 @@ static char *ext_mount_lookup(char *key) int len = strlen(key); char mkey[len + 6]; - sprintf(mkey, "mnt[%s]", key); + snprintf(mkey, sizeof(mkey), "mnt[%s]", key); v = external_lookup_by_key(mkey); if (IS_ERR(v)) v = NULL;