From b203c6ed1f0216a18f5286d61d80116e115d271b Mon Sep 17 00:00:00 2001
From: Ondrej Jirman <megous@megous.com>
Date: Mon, 9 Jul 2018 07:16:20 +0200
Subject: [PATCH] Use snprintf in confdata.c to avoid possible buffer overflow

And gcc8 warnings.

Signed-off-by: Ondrej Jirman <megous@megous.com>
---
 scripts/kconfig/confdata.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
index a04bb26304f..946120a60ea 100644
--- a/scripts/kconfig/confdata.c
+++ b/scripts/kconfig/confdata.c
@@ -745,6 +745,7 @@ int conf_write(const char *name)
 	const char *str;
 	char dirname[PATH_MAX+1], tmpname[PATH_MAX+22], newname[PATH_MAX+8];
 	char *env;
+	int ret;
 
 	dirname[0] = 0;
 	if (name && name[0]) {
@@ -768,10 +769,14 @@ int conf_write(const char *name)
 	} else
 		basename = conf_get_configname();
 
-	sprintf(newname, "%s%s", dirname, basename);
+	ret = snprintf(newname, sizeof newname, "%s%s", dirname, basename);
+	if (ret == sizeof newname)
+		return 1;
 	env = getenv("KCONFIG_OVERWRITECONFIG");
 	if (!env || !*env) {
-		sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
+		ret = snprintf(tmpname, sizeof tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
+		if (ret == sizeof tmpname)
+			return 1;
 		out = fopen(tmpname, "w");
 	} else {
 		*tmpname = 0;