seccomp: convert to strnprintf()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · Feb 26, 2021 · 2b41604 · 2b41604
1 parent c829cc0
commit 2b41604
Showing 1 changed file with 14 additions and 2 deletions.
diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
@@ -1418,15 +1418,27 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 	resp->id = req_id = req->id;
 	TRACE("Received seccomp notification with id(%llu)", (long long unsigned int)req_id);
 
-	snprintf(mem_path, sizeof(mem_path), "/proc/%d", req->pid);
+	ret = strnprintf(mem_path, sizeof(mem_path), "/proc/%d", req->pid);
+	if (ret < 0) {
+		seccomp_notify_default_answer(fd, req, resp, hdlr);
+		SYSERROR("Failed to create path to process's proc directory");
+		goto out;
+	}
+
 	fd_pid = open(mem_path, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
 	if (fd_pid < 0) {
 		seccomp_notify_default_answer(fd, req, resp, hdlr);
 		SYSERROR("Failed to open process pidfd for seccomp notify request");
 		goto out;
 	}
 
-	snprintf(mem_path, sizeof(mem_path), "/proc/%d/mem", req->pid);
+	ret = strnprintf(mem_path, sizeof(mem_path), "/proc/%d/mem", req->pid);
+	if (ret < 0) {
+		seccomp_notify_default_answer(fd, req, resp, hdlr);
+		SYSERROR("Failed to create path to process's virtual memory");
+		goto out;
+	}
+
 	fd_mem = open(mem_path, O_RDWR | O_CLOEXEC);
 	if (fd_mem < 0) {
 		seccomp_notify_default_answer(fd, req, resp, hdlr);