sprintf function is not secure as it doesn't check the length of string. More secure function snprintf is used.
Fixes: d7280c9fff ("vhost: support selective datapath") Cc: sta...@dpdk.org Signed-off-by: Pallantla Poornima <pallantlax.poorn...@intel.com> --- lib/librte_vhost/vdpa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/librte_vhost/vdpa.c b/lib/librte_vhost/vdpa.c index 02083bb8a..fcc2c73a3 100644 --- a/lib/librte_vhost/vdpa.c +++ b/lib/librte_vhost/vdpa.c @@ -66,7 +66,7 @@ rte_vdpa_register_device(struct rte_vdpa_dev_addr *addr, if (i == MAX_VHOST_DEVICE) return -1; - sprintf(device_name, "vdpa-dev-%d", i); + snprintf(device_name, sizeof(device_name), "vdpa-dev-%d", i); dev = rte_zmalloc(device_name, sizeof(struct rte_vdpa_device), RTE_CACHE_LINE_SIZE); if (!dev) -- 2.17.2