From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000 (+0000)
Subject: tload: Use snprintf() instead of sprintf().
X-Git-Tag: v3.3.15~129
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d5442e10a705a70f9808faae49b65016328b0a8b;p=procps-ng

tload: Use snprintf() instead of sprintf().
---

diff --git a/tload.c b/tload.c
index 92aae3e4..29e6a8ff 100644
--- a/tload.c
+++ b/tload.c
@@ -205,8 +205,8 @@ int main(int argc, char **argv)
 			for (row = nrows - 2; row >= 0; --row)
 				*(screen + row * ncols + col) = ' ';
 		}
-		i = sprintf(screen, " %.2f, %.2f, %.2f", av[0], av[1], av[2]);
-		if (i > 0)
+		i = snprintf(screen, scr_size, " %.2f, %.2f, %.2f", av[0], av[1], av[2]);
+		if (i > 0 && i < scr_size)
 			screen[i] = ' ';
 
 		if (write(fd, "\033[H", 3) < 0)