From ac4ffb5a130d1304931999781b229e926babeae6 Mon Sep 17 00:00:00 2001 From: aliguori Date: Mon, 22 Sep 2008 15:04:31 +0000 Subject: Don't use sprintf() or strcpy() They are unsafe. The current code is correct, but to be safer, we should pass an explicit size. Signed-off-by: Anthony Liguori git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5290 c046a42c-6fe2-441c-8c8c-71466251a162 --- usb-linux.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'usb-linux.c') diff --git a/usb-linux.c b/usb-linux.c index 91acccd..c5da5b5 100644 --- a/usb-linux.c +++ b/usb-linux.c @@ -1449,20 +1449,20 @@ static int usb_host_info_device(void *opaque, int bus_num, int addr, return 0; } -static void dec2str(int val, char *str) +static void dec2str(int val, char *str, size_t size) { if (val == -1) - strcpy(str, "*"); + snprintf(str, size, "*"); else - sprintf(str, "%d", val); + snprintf(str, size, "%d", val); } -static void hex2str(int val, char *str) +static void hex2str(int val, char *str, size_t size) { if (val == -1) - strcpy(str, "*"); + snprintf(str, size, "*"); else - sprintf(str, "%x", val); + snprintf(str, size, "%x", val); } void usb_host_info(void) @@ -1475,10 +1475,10 @@ void usb_host_info(void) term_printf(" Auto filters:\n"); for (f = usb_auto_filter; f; f = f->next) { char bus[10], addr[10], vid[10], pid[10]; - dec2str(f->bus_num, bus); - dec2str(f->addr, addr); - hex2str(f->vendor_id, vid); - hex2str(f->product_id, pid); + dec2str(f->bus_num, bus, sizeof(bus)); + dec2str(f->addr, addr, sizeof(addr)); + hex2str(f->vendor_id, vid, sizeof(vid)); + hex2str(f->product_id, pid, sizeof(pid)); term_printf(" Device %s.%s ID %s:%s\n", bus, addr, vid, pid); } } -- cgit v1.1