modpost: use snprintf() instead of sprintf() for safety

Use snprintf() to avoid the potential buffer overflow, and also
check the return value to detect the too long path.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>

diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index 522d5249d196808c29a52328bc0fd96d7c4c9b49..141370ebbfd342670d6c4679a069aae355e17d78 100644 (file)
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -2560,6 +2560,7 @@ int main(int argc, char **argv)
 
        for (mod = modules; mod; mod = mod->next) {
                char fname[PATH_MAX];
+               int ret;
 
                if (mod->is_vmlinux || mod->from_dump)
                        continue;
@@ -2578,7 +2579,12 @@ int main(int argc, char **argv)
                add_moddevtable(&buf, mod);
                add_srcversion(&buf, mod);
 
-               sprintf(fname, "%s.mod.c", mod->name);
+               ret = snprintf(fname, sizeof(fname), "%s.mod.c", mod->name);
+               if (ret >= sizeof(fname)) {
+                       error("%s: too long path was truncated\n", fname);
+                       continue;
+               }
+
                write_if_changed(&buf, fname);
        }