From 9e6344ae774b024516764648556398bd97835725 Mon Sep 17 00:00:00 2001
From: "Kunwu.Chan"
Date: Wed, 20 Sep 2023 16:39:49 +0800
Subject: [PATCH] cve/meltdown: use the snprintf function to prevent buffer overflow

Use the snprintf function instead of sprintf in the meltdown.c file to prevent buffer overflow. Cause the length of the release in a struct utsname is unspecified.
struct utsname {
char sysname[]; /* Operating system name (e.g., "Linux") */
char nodename[]; /* Name within communications network to which the node is attached, if any */
char release[]; /* Operating system release (e.g., "2.6.28") */
char version[]; /* Operating system version */
char machine[]; /* Hardware type identifier */
#ifdef _GNU_SOURCE
char domainname[]; /* NIS or YP domain name */
#endif
};
---
 testcases/cve/meltdown.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/testcases/cve/meltdown.c b/testcases/cve/meltdown.c
index 398e496a976..210d03bf193 100644
--- a/testcases/cve/meltdown.c
+++ b/testcases/cve/meltdown.c
@@ -281,7 +281,7 @@ find_kernel_symbol(const char *name)
 if (uname(&utsname) < 0)
 tst_brk(TBROK | TERRNO, "uname");
- sprintf(systemmap, "/boot/System.map-%s", utsname.release);
+ snprintf(systemmap, sizeof(systemmap), "/boot/System.map-%s", utsname.release);
 addr = find_symbol_in_file(systemmap, name);
 return addr;
 }
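Review bot: The new `snprintf` call in `find_kernel_symbol` discards its return value, so a `utsname.release` too long for `systemmap` is silently truncated and the shortened path is passed straight to `find_symbol_in_file`. The overflow is gone, but the test would then look up a file name other than the intended one without reporting why. Capturing the result makes the failure explicit: `int n = snprintf(systemmap, sizeof(systemmap), "/boot/System.map-%s", utsname.release);` followed by `if (n < 0 || (size_t)n >= sizeof(systemmap)) tst_brk(TBROK, "System.map path truncated");`. The declaration of `systemmap` lies outside the hunk, and `sizeof(systemmap)` is only the buffer size if it is a true array rather than a pointer, so that is worth confirming. The function body starts before the hunk.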