STPK-1429 Fix Klocwork issue #88846

Possible buffer overflow indeed.

Issue STPK-1429

Change-Id: Ic238fc29b212593b1b2fb9385e19f960db817567
Signed-off-by: Patrick Porlan <patrick.porlan@intel.com>

diff --git a/description.c b/description.c
index 183c11a..9d675cb 100644 (file)
--- a/description.c
+++ b/description.c
@@ -19,10 +19,12 @@ char* sensor_get_name (int s)
        if (sensor_info[s].friendly_name[0] == '\0') {
 
                /* If we got a iio device name from sysfs, use it */
-               if (sensor_info[s].internal_name[0])
-                       sprintf(sensor_info[s].friendly_name, "S%d-%s", s,
-                               sensor_info[s].internal_name);
-               else
+               if (sensor_info[s].internal_name[0]) {
+                       snprintf(sensor_info[s].friendly_name,
+                                MAX_NAME_SIZE, "S%d-%s", s,
+                                sensor_info[s].internal_name);
+                       sensor_info[s].friendly_name[MAX_NAME_SIZE-1] = '\0';
+               } else
                        sprintf(sensor_info[s].friendly_name, "S%d", s);
        }