diff options
| author | Joseph Hunkeler <jhunkeler@gmail.com> | 2025-11-04 12:12:07 -0500 |
|---|---|---|
| committer | Joseph Hunkeler <jhunkeler@gmail.com> | 2025-11-11 15:54:20 -0500 |
| commit | 941e9e6d5c56fb7b873e07ede008ebed786753d6 (patch) | |
| tree | 54eaa4cb45adbbce58162344de4a2a7515790a73 /src | |
| parent | 93d56b1aee4a5533575aa20b3b00d8903d17db8a (diff) | |
| download | stasis-941e9e6d5c56fb7b873e07ede008ebed786753d6.tar.gz | |
Fix possible overflow in command string
Diffstat (limited to 'src')
| -rw-r--r-- | src/cli/stasis_indexer/stasis_indexer_main.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/cli/stasis_indexer/stasis_indexer_main.c b/src/cli/stasis_indexer/stasis_indexer_main.c index 279af5a..b4fafd4 100644 --- a/src/cli/stasis_indexer/stasis_indexer_main.c +++ b/src/cli/stasis_indexer/stasis_indexer_main.c @@ -25,7 +25,7 @@ int indexer_combine_rootdirs(const char *dest, char **rootdirs, const size_t roo destdir = destdir_with_output; } - sprintf(cmd, "rsync -ah%s --delete --exclude 'tools/' --exclude 'tmp/' --exclude 'build/' ", globals.verbose ? "v" : "q"); + snprintf(cmd, sizeof(cmd), "rsync -ah%s --delete --exclude 'tools/' --exclude 'tmp/' --exclude 'build/' ", globals.verbose ? "v" : "q"); for (size_t i = 0; i < rootdirs_total; i++) { char srcdir_bare[PATH_MAX] = {0}; char srcdir_with_output[PATH_MAX] = {0}; @@ -42,9 +42,9 @@ int indexer_combine_rootdirs(const char *dest, char **rootdirs, const size_t roo if (!access(srcdir_with_output, F_OK)) { srcdir = srcdir_with_output; } - snprintf(cmd + strlen(cmd), sizeof(srcdir) - strlen(srcdir) + 4, "'%s'/ ", srcdir); + snprintf(cmd + strlen(cmd), sizeof(cmd) - strlen(srcdir) + 4, "'%s'/ ", srcdir); } - snprintf(cmd + strlen(cmd), sizeof(cmd) - strlen(destdir) + 1, " %s/", destdir); + snprintf(cmd + strlen(cmd), sizeof(cmd) - strlen(destdir) + 2, " %s/", destdir); if (globals.verbose) { puts(cmd); |