NFSD: Stricter buffer size checking in write_recoverydir()

author Chuck Lever <chuck.lever@oracle.com>

Thu, 23 Apr 2009 23:33:10 +0000 (19:33 -0400)

committer J. Bruce Fields <bfields@citi.umich.edu>

Tue, 28 Apr 2009 17:54:30 +0000 (13:54 -0400)
author Chuck Lever <chuck.lever@oracle.com>
Thu, 23 Apr 2009 23:33:10 +0000 (19:33 -0400)
committer J. Bruce Fields <bfields@citi.umich.edu>
Tue, 28 Apr 2009 17:54:30 +0000 (13:54 -0400)
diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c

index b64a7fb..c484346 100644 (file)
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -1260,8 +1260,9 @@ static ssize_t __write_recoverydir(struct file *file, char *buf, size_t size)
  
                 status = nfs4_reset_recoverydir(recdir);
         }
-       sprintf(buf, "%s\n", nfs4_recoverydir());
-       return strlen(buf);
+
+       return scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, "%s\n",
+                                                       nfs4_recoverydir());
  }
  
  /**
author	Chuck Lever <chuck.lever@oracle.com>
	Thu, 23 Apr 2009 23:33:10 +0000 (19:33 -0400)
committer	J. Bruce Fields <bfields@citi.umich.edu>
	Tue, 28 Apr 2009 17:54:30 +0000 (13:54 -0400)