[sheepdog] [PATCH 4/6] sheep, collie: use snprintf instead of sprintf to avoid buffer overflow

Liu Yuan namei.unix at gmail.com
Sun Jan 27 08:43:45 CET 2013


From: Liu Yuan <tailai.ly at taobao.com>

Signed-off-by: Liu Yuan <tailai.ly at taobao.com>
---
 collie/collie.c           |    6 ++++--
 collie/vdi.c              |    3 ++-
 include/logger.h          |    1 +
 include/sheep.h           |    2 +-
 lib/logger.c              |   14 ++++++++------
 sheep/cluster/local.c     |    2 +-
 sheep/cluster/zookeeper.c |   17 +++++++++--------
 sheep/config.c            |    6 +++---
 sheep/journal_file.c      |    8 ++++----
 sheep/object_cache.c      |   33 ++++++++++++++++++---------------
 sheep/plain_store.c       |    8 +++++---
 sheep/sheep.c             |    4 ++--
 sheep/store.c             |   22 ++++++++++++----------
 sheepfs/cluster.c         |    3 ++-
 sheepfs/config.c          |    6 +++---
 sheepfs/node.c            |    6 ++++--
 sheepfs/shadow_file.c     |   16 ++++++++--------
 sheepfs/vdi.c             |    3 ++-
 sheepfs/volume.c          |    8 ++++----
 19 files changed, 93 insertions(+), 75 deletions(-)

diff --git a/collie/collie.c b/collie/collie.c
index a533141..d8b0f06 100644
--- a/collie/collie.c
+++ b/collie/collie.c
@@ -237,7 +237,8 @@ static void usage(const struct command *commands, int status)
 		printf("\nAvailable commands:\n");
 		for (i = 0; commands[i].name; i++) {
 			for (s = commands[i].sub; s->name; s++) {
-				sprintf(name, "%s %s", commands[i].name, s->name);
+				snprintf(name, sizeof(name), "%s %s",
+					 commands[i].name, s->name);
 				printf("  %-24s%s\n", name, s->desc);
 			}
 		}
@@ -295,7 +296,8 @@ void subcommand_usage(char *cmd, char *subcmd, int status)
 	printf("Options:\n");
 	for (i = 0; i < len; i++) {
 		sd_opt = find_opt(command_opts[i]);
-		sprintf(name, "-%c, --%s", sd_opt->ch, sd_opt->name);
+		snprintf(name, sizeof(name), "-%c, --%s",
+			 sd_opt->ch, sd_opt->name);
 		printf("  %-24s%s\n", name, sd_opt->desc);
 	}
 
diff --git a/collie/vdi.c b/collie/vdi.c
index 7aa7453..3547783 100644
--- a/collie/vdi.c
+++ b/collie/vdi.c
@@ -322,7 +322,8 @@ static void parse_objs(uint64_t oid, obj_parser_func_t func, void *data, unsigne
 		ret = collie_exec_req(fd, &hdr, buf);
 		close(fd);
 
-		sprintf(name + strlen(name), ":%d", sd_nodes[i].nid.port);
+		snprintf(name + strlen(name), sizeof(name) - strlen(name),
+			 ":%d", sd_nodes[i].nid.port);
 
 		if (ret)
 			fprintf(stderr, "Failed to connect to %s\n", name);
diff --git a/include/logger.h b/include/logger.h
index 0922401..ee97598 100644
--- a/include/logger.h
+++ b/include/logger.h
@@ -19,6 +19,7 @@
 
 #define LOG_SPACE_SIZE (32 * 1024 * 1024)
 #define MAX_MSG_SIZE 256
+#define THREAD_NAME_LEN	20
 
 int log_init(const char *progname, int size, bool to_stdout, int level,
 		    char *outfile);
diff --git a/include/sheep.h b/include/sheep.h
index e0d63a4..ee47993 100644
--- a/include/sheep.h
+++ b/include/sheep.h
@@ -45,7 +45,7 @@ struct vdi_copy {
 #define TRACE_GRAPH_RETURN 0x02
 
 #define TRACE_FNAME_LEN    36
-#define TRACE_THREAD_LEN   20
+#define TRACE_THREAD_LEN   THREAD_NAME_LEN
 
 struct trace_graph_item {
 	char tname[TRACE_THREAD_LEN];
diff --git a/lib/logger.c b/lib/logger.c
index 40f06bd..17045de 100644
--- a/lib/logger.c
+++ b/lib/logger.c
@@ -247,9 +247,10 @@ static notrace void rotate_log(void)
 		struct tm tm;
 		time(&t);
 		localtime_r((const time_t *)&t, &tm);
-		sprintf(old_logfile, "%s.%04d-%02d-%02d-%02d-%02d",
-				log_nowname, tm.tm_year + 1900, tm.tm_mon + 1,
-				tm.tm_mday, tm.tm_hour, tm.tm_min);
+		snprintf(old_logfile, sizeof(old_logfile),
+			 "%s.%04d-%02d-%02d-%02d-%02d",
+			 log_nowname, tm.tm_year + 1900, tm.tm_mon + 1,
+			 tm.tm_mday, tm.tm_hour, tm.tm_min);
 		rename(log_nowname, old_logfile);
 	}
 	new_fd = open(log_nowname, O_RDWR | O_CREAT | O_APPEND, 0644);
@@ -466,9 +467,10 @@ notrace void set_thread_name(const char *name, int idx)
 notrace void get_thread_name(char *name)
 {
 	if (worker_name && worker_idx)
-		sprintf(name, "%s %d", worker_name, worker_idx);
+		snprintf(name, THREAD_NAME_LEN, "%s %d",
+			 worker_name, worker_idx);
 	else if (worker_name)
-		sprintf(name, "%s", worker_name);
+		snprintf(name, THREAD_NAME_LEN, "%s", worker_name);
 	else
-		sprintf(name, "%s", "main");
+		snprintf(name, THREAD_NAME_LEN, "%s", "main");
 }
diff --git a/sheep/cluster/local.c b/sheep/cluster/local.c
index 5a99015..8f5f256 100644
--- a/sheep/cluster/local.c
+++ b/sheep/cluster/local.c
@@ -44,7 +44,7 @@ static char *lnode_to_str(struct local_node *lnode)
 {
 	char *s = node_to_str(&lnode->node);
 
-	sprintf(s + strlen(s), " pid:%d", lnode->pid);
+	snprintf(s + strlen(s), sizeof(s) - strlen(s), " pid:%d", lnode->pid);
 
 	return s;
 }
diff --git a/sheep/cluster/zookeeper.c b/sheep/cluster/zookeeper.c
index fcb99eb..e18f289 100644
--- a/sheep/cluster/zookeeper.c
+++ b/sheep/cluster/zookeeper.c
@@ -36,8 +36,8 @@
 	for (zk_get_children(parent, strs),		               \
 		     (strs)->data += (strs)->count;		       \
 	     (strs)->count-- ?					       \
-		     sprintf(path, "%s/%s", parent, *--(strs)->data) : \
-		     (free((strs)->data), 0);			       \
+		     snprintf(path, sizeof(path), "%s/%s", parent,     \
+			      *--(strs)->data) : (free((strs)->data), 0); \
 	     free(*(strs)->data))
 
 enum zk_event_type {
@@ -246,7 +246,7 @@ static bool zk_queue_peek(void)
 	int rc;
 	char path[256];
 
-	sprintf(path, QUEUE_ZNODE "/%010"PRId32, queue_pos);
+	snprintf(path, sizeof(path), QUEUE_ZNODE "/%010"PRId32, queue_pos);
 
 	rc = zk_node_exists(path);
 	if (rc == ZOK)
@@ -262,7 +262,7 @@ static void zk_queue_push(struct zk_event *ev)
 	char path[256], buf[256];
 
 	len = (char *)(ev->buf) - (char *)ev + ev->buf_len;
-	sprintf(path, "%s/", QUEUE_ZNODE);
+	snprintf(path, sizeof(path), "%s/", QUEUE_ZNODE);
 	zk_create_seq_node(path, (char *)ev, len, buf, sizeof(buf));
 	if (first_push) {
 		int32_t seq;
@@ -295,7 +295,7 @@ static void push_join_response(struct zk_event *ev)
 	queue_pos--;
 
 	len = (char *)(ev->buf) - (char *)ev + ev->buf_len;
-	sprintf(path, QUEUE_ZNODE "/%010"PRId32, queue_pos);
+	snprintf(path, sizeof(path), QUEUE_ZNODE "/%010"PRId32, queue_pos);
 	zk_set_data(path, (char *)ev, len, -1);
 	sd_dprintf("update path:%s, queue_pos:%010"PRId32", len:%d\n",
 		path, queue_pos, len);
@@ -307,7 +307,7 @@ static void zk_queue_pop_advance(struct zk_event *ev)
 	char path[256];
 
 	len = sizeof(*ev);
-	sprintf(path, QUEUE_ZNODE "/%010"PRId32, queue_pos);
+	snprintf(path, sizeof(path), QUEUE_ZNODE "/%010"PRId32, queue_pos);
 	assert(zk_get_data(path, ev, &len) == ZOK);
 	sd_dprintf("%s, type:%d, len:%d, pos:%"PRId32"\n",
 		path, ev->type, len, queue_pos);
@@ -494,7 +494,7 @@ static int zk_join(const struct sd_node *myself,
 
 	this_node.node = *myself;
 
-	sprintf(path, MEMBER_ZNODE "/%s", node_to_str(myself));
+	snprintf(path, sizeof(path), MEMBER_ZNODE "/%s", node_to_str(myself));
 	rc = zk_node_exists(path);
 	if (rc == ZOK) {
 		sd_eprintf("Previous zookeeper session exist, shoot myself.\n");
@@ -605,7 +605,8 @@ static void zk_handle_join_response(struct zk_event *ev)
 	case CJ_RES_SUCCESS:
 	case CJ_RES_JOIN_LATER:
 	case CJ_RES_MASTER_TRANSFER:
-		sprintf(path, MEMBER_ZNODE"/%s", node_to_str(&ev->sender.node));
+		snprintf(path, sizeof(path), MEMBER_ZNODE"/%s",
+			 node_to_str(&ev->sender.node));
 		if (node_eq(&ev->sender.node, &this_node.node)) {
 			sd_dprintf("create path:%s\n", path);
 			zk_create_node(path, (char *)&ev->sender,
diff --git a/sheep/config.c b/sheep/config.c
index 0c13aa7..cebc4b4 100644
--- a/sheep/config.c
+++ b/sheep/config.c
@@ -66,10 +66,10 @@ out:
 
 int init_config_path(const char *base_path)
 {
-	int fd, ret;
+	int fd, ret, len = strlen(base_path) + strlen(CONFIG_PATH) + 1;
 
-	config_path = zalloc(strlen(base_path) + strlen(CONFIG_PATH) + 1);
-	sprintf(config_path, "%s" CONFIG_PATH, base_path);
+	config_path = xzalloc(len);
+	snprintf(config_path, len, "%s" CONFIG_PATH, base_path);
 
 	fd = open(config_path, O_RDONLY);
 	if (fd < 0) {
diff --git a/sheep/journal_file.c b/sheep/journal_file.c
index c5d31e8..f83af16 100644
--- a/sheep/journal_file.c
+++ b/sheep/journal_file.c
@@ -58,7 +58,7 @@ static int create_journal_file(const char *root, const char *name)
 	int fd, flags = O_DSYNC | O_RDWR | O_TRUNC | O_CREAT | O_DIRECT;
 	char path[PATH_MAX];
 
-	sprintf(path, "%s/%s", root, name);
+	snprintf(path, sizeof(path), "%s/%s", root, name);
 	fd = open(path, flags, 0644);
 	if (fd < 0) {
 		sd_eprintf("open %s %m\n", name);
@@ -80,7 +80,7 @@ static int get_old_new_jfile(const char *p, int *old, int *new)
 	char path[PATH_MAX];
 	struct stat st1, st2;
 
-	sprintf(path, "%s/%s", p, jfile_name[0]);
+	snprintf(path, sizeof(path), "%s/%s", p, jfile_name[0]);
 	fd1 = open(path, flags);
 	if (fd1 < 0) {
 		if (errno == ENOENT)
@@ -89,7 +89,7 @@ static int get_old_new_jfile(const char *p, int *old, int *new)
 		sd_eprintf("open1 %m\n");
 		return -1;
 	}
-	sprintf(path, "%s/%s", p, jfile_name[1]);
+	snprintf(path, sizeof(path), "%s/%s", p, jfile_name[1]);
 	fd2 = open(path, flags);
 	if (fd2 < 0) {
 		sd_eprintf("open2 %m\n");
@@ -141,7 +141,7 @@ static int replay_journal_entry(struct journal_descriptor *jd)
 
 	if (jd->create)
 		flags |= O_CREAT;
-	sprintf(path, "%s%016" PRIx64, obj_path, jd->oid);
+	snprintf(path, sizeof(path), "%s%016" PRIx64, obj_path, jd->oid);
 	fd = open(path, flags, def_fmode);
 	if (fd < 0) {
 		sd_eprintf("open %m\n");
diff --git a/sheep/object_cache.c b/sheep/object_cache.c
index 3cccca3..8c4131d 100644
--- a/sheep/object_cache.c
+++ b/sheep/object_cache.c
@@ -264,8 +264,8 @@ static int remove_cache_object(struct object_cache *oc, uint32_t idx)
 	int ret = SD_RES_SUCCESS;
 	char path[PATH_MAX];
 
-	sprintf(path, "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir,
-		oc->vid, idx);
+	snprintf(path, sizeof(path), "%s/%06"PRIx32"/%08"PRIx32,
+		 object_cache_dir, oc->vid, idx);
 	sd_dprintf("%"PRIx64"\n", idx_to_oid(oc->vid, idx));
 	if (unlink(path) < 0) {
 		sd_eprintf("failed to remove cached object %m\n");
@@ -285,7 +285,8 @@ static int read_cache_object_noupdate(uint32_t vid, uint32_t idx, void *buf,
 	int fd, flags = def_open_flags, ret = SD_RES_SUCCESS;
 	char p[PATH_MAX];
 
-	sprintf(p, "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir, vid, idx);
+	snprintf(p, sizeof(p), "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir,
+		 vid, idx);
 
 	if (sys->object_cache_directio && !idx_has_vdi_bit(idx))
 		flags |= O_DIRECT;
@@ -319,7 +320,8 @@ static int write_cache_object_noupdate(uint32_t vid, uint32_t idx, void *buf,
 	int fd, flags = def_open_flags, ret = SD_RES_SUCCESS;
 	char p[PATH_MAX];
 
-	sprintf(p, "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir, vid, idx);
+	snprintf(p, sizeof(p), "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir,
+		 vid, idx);
 	if (sys->object_cache_directio && !idx_has_vdi_bit(idx))
 		flags |= O_DIRECT;
 
@@ -566,7 +568,7 @@ static int create_dir_for(uint32_t vid)
 	int ret = 0;
 	char p[PATH_MAX];
 
-	sprintf(p, "%s/%06"PRIx32, object_cache_dir, vid);
+	snprintf(p, sizeof(p), "%s/%06"PRIx32, object_cache_dir, vid);
 	if (mkdir(p, def_dmode) < 0)
 		if (errno != EEXIST) {
 			sd_eprintf("%s, %m\n", p);
@@ -694,8 +696,8 @@ static int object_cache_lookup(struct object_cache *oc, uint32_t idx,
 	int fd, ret, flags = def_open_flags;
 	char path[PATH_MAX];
 
-	sprintf(path, "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir,
-		oc->vid, idx);
+	snprintf(path, sizeof(path), "%s/%06"PRIx32"/%08"PRIx32,
+		 object_cache_dir, oc->vid, idx);
 	if (!create)
 		return lookup_path(path);
 
@@ -727,8 +729,8 @@ static int create_cache_object(struct object_cache *oc, uint32_t idx,
 	int ret = SD_RES_OID_EXIST;
 	char path[PATH_MAX], tmp_path[PATH_MAX];
 
-	sprintf(tmp_path, "%s/%06"PRIx32"/%08"PRIx32".tmp", object_cache_dir,
-		oc->vid, idx);
+	snprintf(tmp_path, sizeof(tmp_path), "%s/%06"PRIx32"/%08"PRIx32".tmp",
+		object_cache_dir, oc->vid, idx);
 	fd = open(tmp_path, flags, def_fmode);
 	if (fd < 0) {
 		if (errno == EEXIST) {
@@ -758,8 +760,8 @@ static int create_cache_object(struct object_cache *oc, uint32_t idx,
 		goto out_close;
 	}
 	/* This is intended to take care of partial write due to crash */
-	sprintf(path, "%s/%06"PRIx32"/%08"PRIx32, object_cache_dir,
-		oc->vid, idx);
+	snprintf(path, sizeof(path), "%s/%06"PRIx32"/%08"PRIx32,
+		 object_cache_dir, oc->vid, idx);
 	ret = link(tmp_path, path);
 	if (ret < 0) {
 		if (errno == EEXIST) {
@@ -935,7 +937,7 @@ void object_cache_delete(uint32_t vid)
 	free(cache);
 
 	/* Then we free disk */
-	sprintf(path, "%s/%06"PRIx32, object_cache_dir, vid);
+	snprintf(path, sizeof(path), "%s/%06"PRIx32, object_cache_dir, vid);
 	rmdir_r(path);
 }
 
@@ -967,7 +969,7 @@ static int object_cache_flush_and_delete(struct object_cache *oc)
 	char p[PATH_MAX];
 
 	sd_dprintf("%"PRIx32"\n", vid);
-	sprintf(p, "%s/%06"PRIx32, object_cache_dir, vid);
+	snprintf(p, sizeof(p), "%s/%06"PRIx32, object_cache_dir, vid);
 	dir = opendir(p);
 	if (!dir) {
 		sd_dprintf("%m\n");
@@ -1199,7 +1201,8 @@ static int load_cache_object(struct object_cache *cache)
 	char path[PATH_MAX];
 	int ret = 0;
 
-	sprintf(path, "%s/%06"PRIx32, object_cache_dir, cache->vid);
+	snprintf(path, sizeof(path), "%s/%06"PRIx32, object_cache_dir,
+		 cache->vid);
 	dir = opendir(path);
 	if (!dir) {
 		sd_dprintf("%m\n");
@@ -1245,7 +1248,7 @@ static int load_cache(void)
 	char path[PATH_MAX];
 	int ret = 0;
 
-	sprintf(path, "%s", object_cache_dir);
+	snprintf(path, sizeof(path), "%s", object_cache_dir);
 	dir = opendir(path);
 	if (!dir) {
 		sd_dprintf("%m\n");
diff --git a/sheep/plain_store.c b/sheep/plain_store.c
index 0ddaecb..fe08419 100644
--- a/sheep/plain_store.c
+++ b/sheep/plain_store.c
@@ -42,17 +42,19 @@ static int get_open_flags(uint64_t oid, bool create, int fl)
 
 static int get_obj_path(uint64_t oid, char *path)
 {
-	return sprintf(path, "%s%016" PRIx64, obj_path, oid);
+	return snprintf(path, PATH_MAX, "%s%016" PRIx64, obj_path, oid);
 }
 
 static int get_tmp_obj_path(uint64_t oid, char *path)
 {
-	return sprintf(path, "%s%016"PRIx64".tmp", obj_path, oid);
+	return snprintf(path, PATH_MAX, "%s%016"PRIx64".tmp",
+			obj_path, oid);
 }
 
 static int get_stale_obj_path(uint64_t oid, uint32_t epoch, char *path)
 {
-	return sprintf(path, "%s/%016"PRIx64".%"PRIu32, stale_dir, oid, epoch);
+	return snprintf(path, PATH_MAX, "%s/%016"PRIx64".%"PRIu32,
+			stale_dir, oid, epoch);
 }
 
 /* If cleanup is true, temporary objects will be removed */
diff --git a/sheep/sheep.c b/sheep/sheep.c
index 58b93f8..e4057a0 100644
--- a/sheep/sheep.c
+++ b/sheep/sheep.c
@@ -222,7 +222,7 @@ static void object_cache_dir_set(char *s)
 	char *p = s;
 
 	p = p + strlen("dir=");
-	sprintf(ocpath, "%s", p);
+	snprintf(ocpath, sizeof(ocpath), "%s", p);
 }
 
 static void _object_cache_set(char *s)
@@ -324,7 +324,7 @@ static void init_journal_arg(char *arg)
 
 	if (!strncmp(d, arg, dl)) {
 		arg += dl;
-		sprintf(jpath, "%s", arg);
+		snprintf(jpath, sizeof(jpath), "%s", arg);
 	} else if (!strncmp(sz, arg, szl)) {
 		arg += szl;
 		jsize = strtoll(arg, NULL, 10);
diff --git a/sheep/store.c b/sheep/store.c
index 477c5f3..a8c70eb 100644
--- a/sheep/store.c
+++ b/sheep/store.c
@@ -206,10 +206,10 @@ static int lock_base_dir(const char *d)
 {
 	char *lock_path;
 	int ret = 0;
-	int fd;
+	int fd, len = strlen(d) + strlen(LOCK_PATH) + 1;
 
-	lock_path = zalloc(strlen(d) + strlen(LOCK_PATH) + 1);
-	sprintf(lock_path, "%s" LOCK_PATH, d);
+	lock_path = xzalloc(len);
+	snprintf(lock_path, len, "%s" LOCK_PATH, d);
 
 	fd = open(lock_path, O_WRONLY|O_CREAT, def_fmode);
 	if (fd < 0) {
@@ -260,8 +260,9 @@ int init_obj_path(const char *base_path)
 		return -1;
 	}
 
-	obj_path = zalloc(strlen(base_path) + strlen(OBJ_PATH) + 1);
-	sprintf(obj_path, "%s" OBJ_PATH, base_path);
+	len = strlen(base_path) + strlen(OBJ_PATH) + 1;
+	obj_path = xzalloc(len);
+	snprintf(obj_path, len, "%s" OBJ_PATH, base_path);
 
 	return init_path(obj_path, NULL);
 }
@@ -270,8 +271,9 @@ int init_obj_path(const char *base_path)
 
 static int init_epoch_path(const char *base_path)
 {
-	epoch_path = zalloc(strlen(base_path) + strlen(EPOCH_PATH) + 1);
-	sprintf(epoch_path, "%s" EPOCH_PATH, base_path);
+	int len = strlen(base_path) + strlen(EPOCH_PATH) + 1;
+	epoch_path = xzalloc(len);
+	snprintf(epoch_path, len, "%s" EPOCH_PATH, base_path);
 
 	return init_path(epoch_path, NULL);
 }
@@ -280,12 +282,12 @@ static int init_epoch_path(const char *base_path)
 
 static int init_jrnl_path(const char *base_path)
 {
-	int ret;
+	int ret, len = strlen(base_path) + strlen(JRNL_PATH) + 1;
 	bool new;
 
 	/* Create journal directory */
-	jrnl_path = zalloc(strlen(base_path) + strlen(JRNL_PATH) + 1);
-	sprintf(jrnl_path, "%s" JRNL_PATH, base_path);
+	jrnl_path = xzalloc(len);
+	snprintf(jrnl_path, len, "%s" JRNL_PATH, base_path);
 
 	ret = init_path(jrnl_path, &new);
 	/* Error during directory creation */
diff --git a/sheepfs/cluster.c b/sheepfs/cluster.c
index eeb8bed..6665bce 100644
--- a/sheepfs/cluster.c
+++ b/sheepfs/cluster.c
@@ -50,7 +50,8 @@ size_t cluster_info_get_size(const char *path)
 	size_t len;
 	char cmd[COMMAND_LEN];
 
-	sprintf(cmd, "collie cluster info -a %s -p %d", sdhost, sdport);
+	snprintf(cmd, sizeof(cmd), "collie cluster info -a %s -p %d",
+		 sdhost, sdport);
 	buf = sheepfs_run_cmd(cmd);
 	if (!buf)
 		return 0;
diff --git a/sheepfs/config.c b/sheepfs/config.c
index 27d8b4e..f9b1ea2 100644
--- a/sheepfs/config.c
+++ b/sheepfs/config.c
@@ -53,7 +53,7 @@ int create_config_layout(void)
 
 int config_pcache_read(const char *path, char *buf, size_t size, off_t ignore)
 {
-	sprintf(buf, "%d\n", sheepfs_page_cache);
+	snprintf(buf, size, "%d\n", sheepfs_page_cache);
 	return strlen(buf);
 }
 
@@ -76,7 +76,7 @@ size_t config_pcache_get_size(const char *path)
 
 int config_ocache_read(const char *path, char *buf, size_t size, off_t ignore)
 {
-	sprintf(buf, "%d\n", sheepfs_object_cache);
+	snprintf(buf, size, "%d\n", sheepfs_object_cache);
 	return strlen(buf);
 }
 
@@ -100,7 +100,7 @@ size_t config_ocache_get_size(const char *path)
 int config_sheep_info_read(const char *path, char *buf, size_t size,
 			   off_t ignore)
 {
-	sprintf(buf, "%s:%d\n", sdhost, sdport);
+	snprintf(buf, size, "%s:%d\n", sdhost, sdport);
 	return strlen(buf);
 }
 
diff --git a/sheepfs/node.c b/sheepfs/node.c
index d3ef21b..a3558d5 100644
--- a/sheepfs/node.c
+++ b/sheepfs/node.c
@@ -57,7 +57,8 @@ size_t node_info_get_size(const char *path)
 	size_t len;
 	char cmd[COMMAND_LEN];
 
-	sprintf(cmd, "collie node info -a %s -p %d", sdhost, sdport);
+	snprintf(cmd, sizeof(cmd), "collie node info -a %s -p %d",
+		 sdhost, sdport);
 	buf = sheepfs_run_cmd(cmd);
 	if (!buf)
 		return 0;
@@ -79,7 +80,8 @@ size_t node_list_get_size(const char *path)
 	size_t len;
 	char cmd[COMMAND_LEN];
 
-	sprintf(cmd, "collie node list -a %s -p %d", sdhost, sdport);
+	snprintf(cmd, sizeof(cmd), "collie node list -a %s -p %d",
+		 sdhost, sdport);
 	buf = sheepfs_run_cmd(cmd);
 	if (!buf)
 		return 0;
diff --git a/sheepfs/shadow_file.c b/sheepfs/shadow_file.c
index 3c6b0c0..0545f52 100644
--- a/sheepfs/shadow_file.c
+++ b/sheepfs/shadow_file.c
@@ -32,7 +32,7 @@ int shadow_file_read(const char *path, char *buf, size_t size, off_t offset)
 	char p[PATH_MAX];
 	int fd, len;
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	fd = open(p, O_RDONLY);
 	if (fd < 0) {
 		sheepfs_pr("%m\n");
@@ -49,7 +49,7 @@ size_t shadow_file_write(const char *path, char *buf, size_t size)
 	int fd;
 	size_t len = 0;
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	fd = open(p, O_WRONLY | O_TRUNC);
 	if (fd < 0) {
 		sheepfs_pr("%m\n");
@@ -68,7 +68,7 @@ int shadow_file_create(const char *path)
 {
 	char p[PATH_MAX];
 	int fd;
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	fd = creat(p, 0644);
 	if (fd < 0) {
 		if (errno != EEXIST) {
@@ -84,7 +84,7 @@ int shadow_dir_create(const char *path)
 {
 	char p[PATH_MAX];
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	if (mkdir(p, 0755) < 0) {
 		if (errno != EEXIST) {
 			sheepfs_pr("%m\n");
@@ -99,7 +99,7 @@ int shadow_file_setxattr(const char *path, const char *name,
 {
 	char p[PATH_MAX];
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	if (setxattr(p, name, value, size, 0) < 0) {
 		sheepfs_pr("%m\n");
 		return -1;
@@ -112,7 +112,7 @@ int shadow_file_getxattr(const char *path, const char *name,
 {
 	char p[PATH_MAX];
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	if (getxattr(p, name, value, size) < 0) {
 		sheepfs_pr("%m\n");
 		return -1;
@@ -124,7 +124,7 @@ int shadow_file_delete(const char *path)
 {
 	char p[PATH_MAX];
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	if (unlink(p) < 0) {
 		if (errno != ENOENT) {
 			sheepfs_pr("%m\n");
@@ -138,7 +138,7 @@ bool shadow_file_exsit(const char *path)
 {
 	char p[PATH_MAX];
 
-	sprintf(p, "%s%s", sheepfs_shadow, path);
+	snprintf(p, sizeof(p), "%s%s", sheepfs_shadow, path);
 	if (access(p, R_OK | W_OK) < 0) {
 		if (errno != ENOENT)
 			sheepfs_pr("%m\n");
diff --git a/sheepfs/vdi.c b/sheepfs/vdi.c
index b15bce4..814a40b 100644
--- a/sheepfs/vdi.c
+++ b/sheepfs/vdi.c
@@ -62,7 +62,8 @@ size_t vdi_list_get_size(const char *path)
 	size_t len;
 	char cmd[COMMAND_LEN];
 
-	sprintf(cmd, "collie vdi list -a %s -p %d", sdhost, sdport);
+	snprintf(cmd, sizeof(cmd), "collie vdi list -a %s -p %d",
+		sdhost, sdport);
 	buf = sheepfs_run_cmd(cmd);
 	if (!buf)
 		return 0;
diff --git a/sheepfs/volume.c b/sheepfs/volume.c
index bce1ade..1742eb2 100644
--- a/sheepfs/volume.c
+++ b/sheepfs/volume.c
@@ -394,8 +394,8 @@ static int init_vdi_info(const char *entry, uint32_t *vid, size_t *size)
 	struct vdi_inode *inode = NULL, *dummy;
 	char command[COMMAND_LEN];
 
-	sprintf(command, "collie vdi list -r %s -a %s -p %d",
-		entry, sdhost, sdport);
+	snprintf(command, sizeof(command), "collie vdi list -r %s -a %s -p %d",
+		 entry, sdhost, sdport);
 	buf = sheepfs_run_cmd(command);
 	if (!buf)
 		return -1;
@@ -451,7 +451,7 @@ int volume_create_entry(const char *entry)
 	if (ch != NULL)
 		*ch = '\0';
 
-	sprintf(path, "%s/%s", PATH_VOLUME, entry);
+	snprintf(path, sizeof(path), "%s/%s", PATH_VOLUME, entry);
 	if (shadow_file_exsit(path))
 		return 0;
 
@@ -511,7 +511,7 @@ int volume_remove_entry(const char *entry)
 	if (ch != NULL)
 		*ch = '\0';
 
-	sprintf(path, "%s/%s", PATH_VOLUME, entry);
+	snprintf(path, sizeof(path), "%s/%s", PATH_VOLUME, entry);
 	if (!shadow_file_exsit(path))
 		return -1;
 
-- 
1.7.9.5




More information about the sheepdog mailing list