From a9a2450f4d46e0e9016de2cb1d3bfda4b4943c7c Mon Sep 17 00:00:00 2001
From: Ondrej Jirman
Date: Mon, 9 Jul 2018 07:16:20 +0200
Subject: [PATCH] Use snprintf in confdata.c to avoid possible buffer overflow And gcc8 warnings.
Signed-off-by: Ondrej Jirman
---
 scripts/kconfig/confdata.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
index d587b10d7f8..624f87f99eb 100644
--- a/scripts/kconfig/confdata.c
+++ b/scripts/kconfig/confdata.c
@@ -782,6 +782,7 @@ int conf_write(const char *name)
 const char *str;
 char dirname[PATH_MAX+1], tmpname[PATH_MAX+22], newname[PATH_MAX+8];
 char *env;
+ int ret;
 dirname[0] = 0;
 if (name && name[0]) {
@@ -804,10 +805,14 @@ int conf_write(const char *name)
 } else
 basename = conf_get_configname();
- sprintf(newname, "%s%s", dirname, basename);
+ ret = snprintf(newname, sizeof newname, "%s%s", dirname, basename);
+ if (ret == sizeof newname)
+ return 1;
 env = getenv("KCONFIG_OVERWRITECONFIG");
 if (!env || !*env) {
- sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
+ ret = snprintf(tmpname, sizeof tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
+ if (ret == sizeof tmpname)
+ return 1;
 out = fopen(tmpname, "w");
 } else {
 *tmpname = 0;
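Review bot: The truncation checks added after both snprintf() calls in the second hunk compare with `==`, but snprintf() returns the length the complete string would have had (excluding the terminating NUL), so every result at or above the buffer size means truncation and only the single exact-equal case is rejected here. A longer `dirname`/`basename` combination is silently cut, `newname` is left holding a shortened path, and the function still reaches `fopen(tmpname, "w")` with a name the caller did not ask for. The checks should read `if (ret < 0 || (size_t)ret >= sizeof newname) return 1;` and likewise `if (ret < 0 || (size_t)ret >= sizeof tmpname) return 1;`, which also covers an output error and removes the signed/unsigned comparison. conf_write() starts and ends outside the hunk, so how `dirname` itself is filled is not visible here.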