From 0da9d71b9c5e5c3dde20e246989fb942476aee8b Mon Sep 17 00:00:00 2001
From: "kfraser@localhost.localdomain"
Date: Fri, 8 Jun 2007 19:22:08 +0100
Subject: [PATCH] ioemu: save file name is snprintf()ed into a plenty big enough buffer. From: Daniel P. Berrange Signed-off-by: Keir Fraser
---
 tools/ioemu/target-i386-dm/helper2.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/ioemu/target-i386-dm/helper2.c b/tools/ioemu/target-i386-dm/helper2.c
index 4a6c865a75..5f106b5a3a 100644
--- a/tools/ioemu/target-i386-dm/helper2.c
+++ b/tools/ioemu/target-i386-dm/helper2.c
@@ -616,7 +616,7 @@ int main_loop(void)
 extern int suspend_requested;
 CPUState *env = cpu_single_env;
 int evtchn_fd = xc_evtchn_fd(xce_handle);
- char qemu_file[32];
+ char qemu_file[PATH_MAX];
 buffered_io_timer = qemu_new_timer(rt_clock, handle_buffered_io, cpu_single_env);
@@ -635,7 +635,7 @@ int main_loop(void)
 main_loop_wait(1); /* For the select() on events */
 /* Save the device state */
- sprintf(qemu_file, "/var/lib/xen/qemu-save.%d", domid);
+ snprintf(qemu_file, sizeof(qemu_file), "/var/lib/xen/qemu-save.%d", domid);
 do_savevm(qemu_file);
 return 0;
--
2.30.2
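Review bot: `PATH_MAX` in the `qemu_file` declaration (first hunk) comes from `<limits.h>`, and this patch adds no include (the diffstat shows only the two changed lines), so the build presumably relies on another header pulling it in. That is worth confirming, or making explicit with `#include <limits.h>` at the top of helper2.c. The name built later is a fixed prefix plus one `%d`, so a small buffer sized for that format would serve as well as a PATH_MAX-sized stack array. main_loop's body starts and ends outside the hunk.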
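Review bot: The `snprintf` call in the second hunk discards its return value, so a truncated or failed format would still be handed to `do_savevm`. With the PATH_MAX buffer from the first hunk this format cannot truncate, but that only holds while `qemu_file` stays an array (`sizeof` on a pointer would give the pointer size) and the path stays fixed. Capturing the result with `int n = snprintf(qemu_file, sizeof(qemu_file), "/var/lib/xen/qemu-save.%d", domid);` and testing `if (n < 0 || (size_t)n >= sizeof(qemu_file)) return -1;` makes the bound explicit. The error value is a guess, since main_loop's error convention is not visible in the hunk.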