From c5cd317a53fa4f29ab39ee364a5151f7b700ee8d Mon Sep 17 00:00:00 2001
From: Ben Pfaff <blp@nicira.com>
Date: Tue, 31 Jan 2012 09:39:28 -0800
Subject: [PATCH 1/1] sflow_agent: Use snprintf() in place of sprintf().

These functions use sprintf() into a 1000-byte buffer.  It appears to me
that the strings they format are either short, fixed-length strings or the
output of strerror(), neither of which should ordinarily overflow.
However, using snprintf() cannot hurt.

Launchpad bug #914160.
Reported-by: Matthias Klose <doko@ubuntu.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
---
 lib/sflow_agent.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/sflow_agent.c b/lib/sflow_agent.c
index b02095866..f55e6d449 100644
--- a/lib/sflow_agent.c
+++ b/lib/sflow_agent.c
@@ -453,7 +453,7 @@ void sfl_agent_resetReceiver(SFLAgent *agent, SFLReceiver *receiver)
 void sfl_agent_error(SFLAgent *agent, char *modName, char *msg)
 {
     char errm[MAX_ERRMSG_LEN];
-    sprintf(errm, "sfl_agent_error: %s: %s\n", modName, msg);
+    snprintf(errm, sizeof errm, "sfl_agent_error: %s: %s\n", modName, msg);
     if(agent->errorFn) (*agent->errorFn)(agent->magic, agent, errm);
     else {
 	fprintf(stderr, "%s\n", errm);
@@ -469,7 +469,7 @@ void sfl_agent_error(SFLAgent *agent, char *modName, char *msg)
 void sfl_agent_sysError(SFLAgent *agent, char *modName, char *msg)
 {
     char errm[MAX_ERRMSG_LEN];
-    sprintf(errm, "sfl_agent_sysError: %s: %s (errno = %d - %s)\n", modName, msg, errno, strerror(errno));
+    snprintf(errm, sizeof errm, "sfl_agent_sysError: %s: %s (errno = %d - %s)\n", modName, msg, errno, strerror(errno));
     if(agent->errorFn) (*agent->errorFn)(agent->magic, agent, errm);
     else {
 	fprintf(stderr, "%s\n", errm);
-- 
2.43.0