[ovs-dev] [PATCH] sflow_agent: Use snprintf() in place of sprintf().

[Ben Pfaff]

These functions use sprintf() into a 1000-byte buffer.  It appears to me
that the strings they format are either short, fixed-length strings or the
output of strerror(), neither of which should ordinarily overflow.
However, using snprintf() cannot hurt.

Launchpad bug #914160.
Reported-by: Matthias Klose <doko at ubuntu.com>
Signed-off-by: Ben Pfaff <blp at nicira.com>
---
 lib/sflow_agent.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/sflow_agent.c b/lib/sflow_agent.c
index b020958..f55e6d4 100644
--- a/lib/sflow_agent.c
+++ b/lib/sflow_agent.c
@@ -453,7 +453,7 @@ void sfl_agent_resetReceiver(SFLAgent *agent, SFLReceiver *receiver)
 void sfl_agent_error(SFLAgent *agent, char *modName, char *msg)
 {
     char errm[MAX_ERRMSG_LEN];
-    sprintf(errm, "sfl_agent_error: %s: %s\n", modName, msg);
+    snprintf(errm, sizeof errm, "sfl_agent_error: %s: %s\n", modName, msg);
     if(agent->errorFn) (*agent->errorFn)(agent->magic, agent, errm);
     else {
 	fprintf(stderr, "%s\n", errm);
@@ -469,7 +469,7 @@ void sfl_agent_error(SFLAgent *agent, char *modName, char *msg)
 void sfl_agent_sysError(SFLAgent *agent, char *modName, char *msg)
 {
     char errm[MAX_ERRMSG_LEN];
-    sprintf(errm, "sfl_agent_sysError: %s: %s (errno = %d - %s)\n", modName, msg, errno, strerror(errno));
+    snprintf(errm, sizeof errm, "sfl_agent_sysError: %s: %s (errno = %d - %s)\n", modName, msg, errno, strerror(errno));
     if(agent->errorFn) (*agent->errorFn)(agent->magic, agent, errm);
     else {
 	fprintf(stderr, "%s\n", errm);
-- 
1.7.2.5