kconfig: use snprintf for formatting pathnames

Valid pathnames will never exceed PATH_MAX, but these file names
are unsanitized and can cause buffer overflow if set incorrectly.
Use snprintf to avoid this. This was flagged during a Coverity scan
of the coreboot project, which also uses kconfig for its build system.

Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
index b7bdd9690319c9a9fe40de3903dcc60cc645a115..8bb74d468f45c50e87eb066df359d6bdc322cda0 100644 (file)
--- a/scripts/kconfig/confdata.c
+++ b/scripts/kconfig/confdata.c
@@ -241,7 +241,7 @@ char *conf_get_default_confname(void)
        name = expand_string(conf_defname);
        env = getenv(SRCTREE);
        if (env) {
-               sprintf(fullname, "%s/%s", env, name);
+               snprintf(fullname, sizeof(fullname), "%s/%s", env, name);
                if (is_present(fullname))
                        return fullname;
        }

diff --git a/scripts/kconfig/lexer.l b/scripts/kconfig/lexer.l
index c9df1c8b982494cecdf8751ccf0275e14c07d35e..6354c905b006f66e673d9b098c2ae50ef29271c4 100644 (file)
--- a/scripts/kconfig/lexer.l
+++ b/scripts/kconfig/lexer.l
@@ -378,7 +378,8 @@ FILE *zconf_fopen(const char *name)
        if (!f && name != NULL && name[0] != '/') {
                env = getenv(SRCTREE);
                if (env) {
-                       sprintf(fullname, "%s/%s", env, name);
+                       snprintf(fullname, sizeof(fullname),
+                                "%s/%s", env, name);
                        f = fopen(fullname, "r");
                }
        }