From 5e01c3a9e201b6a2f624df9c28002e8b30ad9b2a Mon Sep 17 00:00:00 2001
From: kib <kib@FreeBSD.org>
Date: Wed, 18 Apr 2012 10:23:42 +0000
Subject: Fix string buffer overflow when preparing the line of output.

PR:	bin/161739
Submitted by:	Jeremy Chadwick <freebsd jdc parodius com>
MFC after:	1 week
---
 usr.bin/top/machine.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'usr.bin/top')

diff --git a/usr.bin/top/machine.c b/usr.bin/top/machine.c
index 8d44bee..59f663d 100644
--- a/usr.bin/top/machine.c
+++ b/usr.bin/top/machine.c
@@ -933,7 +933,7 @@ format_next_process(caddr_t handle, char *(*get_userid)(int), int flags)
 		p_tot = rup->ru_inblock + rup->ru_oublock + rup->ru_majflt;
 		s_tot = total_inblock + total_oublock + total_majflt;
 
-		sprintf(fmt, io_Proc_format,
+		snprintf(fmt, sizeof(fmt), io_Proc_format,
 		    pp->ki_pid,
 		    jid_buf,
 		    namelength, namelength, (*get_userid)(pp->ki_ruid),
@@ -961,7 +961,7 @@ format_next_process(caddr_t handle, char *(*get_userid)(int), int flags)
 		snprintf(thr_buf, sizeof(thr_buf), "%*d ",
 		    sizeof(thr_buf) - 2, pp->ki_numthreads);
 
-	sprintf(fmt, proc_fmt,
+	snprintf(fmt, sizeof(fmt), proc_fmt,
 	    pp->ki_pid,
 	    jid_buf,
 	    namelength, namelength, (*get_userid)(pp->ki_ruid),
-- 
cgit v1.1