From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000 (+0000)
Subject: 0013-tload: Use snprintf() instead of sprintf().
X-Git-Tag: v4.0.0~516
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=44593c5e998a37c6e55a9faf7476f2d26c05a09a;p=procps-ng

0013-tload: Use snprintf() instead of sprintf().
---

diff --git a/tload.c b/tload.c
index 25b3425e..9e99705a 100644
--- a/tload.c
+++ b/tload.c
@@ -204,8 +204,8 @@ int main(int argc, char **argv)
 			for (row = nrows - 2; row >= 0; --row)
 				*(screen + row * ncols + col) = ' ';
 		}
-		i = sprintf(screen, " %.2f, %.2f, %.2f", av[0], av[1], av[2]);
-		if (i > 0)
+		i = snprintf(screen, scr_size, " %.2f, %.2f, %.2f", av[0], av[1], av[2]);
+		if (i > 0 && i < scr_size)
 			screen[i] = ' ';
 
 		if (write(fd, "\033[H", 3) < 0)