diff --git a/fs_mgr/fs_mgr_verity.c b/fs_mgr/fs_mgr_verity.c index ef7cf6e7d..4683acb50 100644 --- a/fs_mgr/fs_mgr_verity.c +++ b/fs_mgr/fs_mgr_verity.c @@ -317,9 +317,7 @@ static int load_verity_table(struct dm_ioctl *io, char *name, char *blockdev, in // build the verity params here verity_params = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec); - if (sprintf(verity_params, "%s", table) < 0) { - return -1; - } + strcpy(verity_params, table); // set next target boundary verity_params += strlen(verity_params) + 1; diff --git a/init/builtins.cpp b/init/builtins.cpp index 42cfa437d..9f3dcc1c6 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -389,7 +389,7 @@ int do_mount(int nargs, char **args) return -1; } - sprintf(tmp, "/dev/block/mtdblock%d", n); + snprintf(tmp, sizeof(tmp), "/dev/block/mtdblock%d", n); if (wait) wait_for_file(tmp, COMMAND_RETRY_TIMEOUT); @@ -409,7 +409,7 @@ int do_mount(int nargs, char **args) } for (n = 0; ; n++) { - sprintf(tmp, "/dev/block/loop%d", n); + snprintf(tmp, sizeof(tmp), "/dev/block/loop%d", n); loop = open(tmp, mode | O_CLOEXEC); if (loop < 0) { close(fd); diff --git a/init/devices.cpp b/init/devices.cpp index 92754394e..3a9b7536b 100644 --- a/init/devices.cpp +++ b/init/devices.cpp @@ -152,7 +152,7 @@ void fixup_sys_perms(const char *upath) if ((strlen(upath) + strlen(dp->attr) + 6) > sizeof(buf)) break; - sprintf(buf,"/sys%s/%s", upath, dp->attr); + snprintf(buf, sizeof(buf), "/sys%s/%s", upath, dp->attr); INFO("fixup %s %d %d 0%o\n", buf, dp->uid, dp->gid, dp->perm); chown(buf, dp->uid, dp->gid); chmod(buf, dp->perm); diff --git a/init/init.cpp b/init/init.cpp index 864749632..41ceb0ae5 100644 --- a/init/init.cpp +++ b/init/init.cpp @@ -252,7 +252,7 @@ void service_start(struct service *svc, const char *dynamic_args) umask(077); if (properties_inited()) { get_property_workspace(&fd, &sz); - sprintf(tmp, "%d,%d", dup(fd), sz); + snprintf(tmp, sizeof(tmp), "%d,%d", dup(fd), sz); add_environment("ANDROID_PROPERTY_WORKSPACE", tmp); } diff --git a/libnetutils/dhcpclient.c b/libnetutils/dhcpclient.c index a05b7cb0d..240a7891e 100644 --- a/libnetutils/dhcpclient.c +++ b/libnetutils/dhcpclient.c @@ -236,13 +236,13 @@ int decode_dhcp_msg(dhcp_msg *msg, int len, dhcp_info *info) #if VERBOSE -static void hex2str(char *buf, const unsigned char *array, int len) +static void hex2str(char *buf, size_t buf_size, const unsigned char *array, int len) { int i; char *cp = buf; - + char *buf_end = buf + buf_size; for (i = 0; i < len; i++) { - cp += sprintf(cp, " %02x ", array[i]); + cp += snprintf(cp, buf_end - cp, " %02x ", array[i]); } } @@ -278,7 +278,7 @@ void dump_dhcp_msg(dhcp_msg *msg, int len) ALOGD("giaddr = %s", ipaddr(msg->giaddr)); c = msg->hlen > 16 ? 16 : msg->hlen; - hex2str(buf, msg->chaddr, c); + hex2str(buf, sizeof(buf), msg->chaddr, c); ALOGD("chaddr = {%s}", buf); for (n = 0; n < 64; n++) { @@ -327,7 +327,7 @@ void dump_dhcp_msg(dhcp_msg *msg, int len) memcpy(buf, &x[2], n); buf[n] = '\0'; } else { - hex2str(buf, &x[2], optsz); + hex2str(buf, sizeof(buf), &x[2], optsz); } if (x[0] == OPT_MESSAGE_TYPE) name = dhcp_type_to_name(x[2]);