[Cluster-devel] [PATCH 17/19] config: fix confdb2ldif secure coding
Fabio M. Di Nitto
fdinitto at redhat.com
Tue Oct 25 12:09:08 UTC 2011
Spotted by Coverify Scan
Signed-off-by: Fabio M. Di Nitto <fdinitto at redhat.com>
---
:100644 100644 35f8c31... 1f83c2f... M config/tools/ldap/confdb2ldif.c
config/tools/ldap/confdb2ldif.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/tools/ldap/confdb2ldif.c b/config/tools/ldap/confdb2ldif.c
index 35f8c31..1f83c2f 100644
--- a/config/tools/ldap/confdb2ldif.c
+++ b/config/tools/ldap/confdb2ldif.c
@@ -20,7 +20,7 @@ static const char *ldap_attr_name(const char *attrname)
if (strcmp(attrname, "name") == 0)
return attrname;
- sprintf(newname, "rhcs");
+ snprintf(newname, sizeof(newname) - 1, "rhcs");
for (i=0; i<strlen(attrname)+1; i++) {
if (i == 0)
newname[4+i] = attrname[i] & 0x5F;
@@ -99,16 +99,16 @@ static void print_config_tree(confdb_handle_t handle, hdb_handle_t parent_object
/* Check for "name", and create dummy parent object */
res = confdb_key_get(handle, object_handle, "name", strlen("name"), key_value, &key_value_len);
if (res == CS_OK) {
- sprintf(cumulative_dn, "cn=%s,%s", object_name, fulldn);
+ snprintf(cumulative_dn, sizeof(cumulative_dn) - 1, "cn=%s,%s", object_name, fulldn);
printf("\n");
printf("dn: %s\n", cumulative_dn);
printf("cn: %s\n", object_name);
printf("objectclass: %s\n", "nsContainer");
- sprintf(cumulative_dn, "name=%s,cn=%s,%s", key_value, object_name, fulldn);
+ snprintf(cumulative_dn, sizeof(cumulative_dn) - 1, "name=%s,cn=%s,%s", key_value, object_name, fulldn);
}
else {
- sprintf(cumulative_dn, "cn=%s,%s", object_name, fulldn);
+ snprintf(cumulative_dn, sizeof(cumulative_dn) - 1, "cn=%s,%s", object_name, fulldn);
}
/* Down we go ... */
@@ -162,7 +162,7 @@ int main(int argc, char *argv[])
exit (1);
}
- sprintf(basedn, "name=%s,%s", clusterroot, argv[1]);
+ snprintf(basedn, sizeof(basedn) - 1, "name=%s,%s", clusterroot, argv[1]);
/* Print a header */
printf("# This file was generated by confdb2ldif, from an existing cluster configuration\n");
--
1.7.4.4
More information about the Cluster-devel
mailing list