On Fri, 8 Feb 2019 13:27:37 +0000
Pallantla Poornima <[email protected]> wrote:
> diff --git a/test/test/commands.c b/test/test/commands.c
> index 94fbc310e..5aeb35498 100644
> --- a/test/test/commands.c
> +++ b/test/test/commands.c
> @@ -367,6 +367,8 @@ int commands_init(void)
> struct test_command *t;
> char *commands, *ptr;
> int commands_len = 0;
> + int total_written = 0;
> + int count = 0;
>
> TAILQ_FOREACH(t, &commands_list, next) {
> commands_len += strlen(t->command) + 1;
> @@ -378,7 +380,10 @@ int commands_init(void)
>
> ptr = commands;
> TAILQ_FOREACH(t, &commands_list, next) {
> - ptr += sprintf(ptr, "%s#", t->command);
> + count = snprintf(ptr, commands_len - total_written - 1, "%s#",
> + t->command);
> + ptr += count;
> + total_written += count;
You know snprintf is dangerous in this case as well.
It returns the number of bytes that would have been written.
That is why the linux kernel introduced scnprintf.
