GitHub user sl4mmy opened a pull request: https://github.com/apache/zookeeper/pull/559
ZOOKEEPER-3079: avoid unsafe use of sprintf(3)

The function format_endpoint_info declares both addrstr and buf as 128 element char arrays, however on non-Windows platforms it calls sprintf(3) to write into buf the value of addrstr followed by ':' followed by the port number. This causes a compiler error when building with GCC 8 because this could potentially overflow buf if the value of addrstr was ever 127 characters long (or a little less depending on how many digits are in port).

Of course, this couldn't actually happen because addrstr is initialized by inet_ntop(3) which won't write more than INET6_ADDRSTRLEN bytes (defined in <netinet/in.h> on POSIX-compliant systems). Of course, GCC doesn't know that, so let's just declare addrstr as a char array of only size INET6_ADDRSTRLEN instead of 128.

Signed-off-by: Kent R. Spillner <kspill...@acm.org>

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/sl4mmy/zookeeper zookeeper-3079

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/zookeeper/pull/559.patch

To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message:

    This closes #559

----
commit cb26e2f8d0704e1b5074c3e89c20962c5fc7f7b5
Author: Kent R. Spillner <kspillner@...>
Date: 2018-07-03T20:44:54Z

    ZOOKEEPER-3079: avoid unsafe use of sprintf(3)

----
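The sizing argument in the commit message above, as an added C example (not code from this pull request or from ZooKeeper): the address text goes into an INET6_ADDRSTRLEN buffer, and the final write uses snprintf(3) with a truncation check so the bound holds for any caller buffer. The names endpoint_to_string and format_matches are hypothetical, and the addresses are constructed sample input.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper, not ZooKeeper's format_endpoint_info: writes "addr:port"
 * into out; returns 0, or -1 on bad family, conversion failure or truncation. */
int endpoint_to_string(const struct sockaddr_storage *ep, char *out, size_t outlen)
{
    char addrstr[INET6_ADDRSTRLEN]; /* upper bound on what inet_ntop(3) writes */
    const void *addr = NULL;
    unsigned port = 0;
    if (ep->ss_family == AF_INET) {
        addr = &((const struct sockaddr_in *)ep)->sin_addr;
        port = ntohs(((const struct sockaddr_in *)ep)->sin_port);
    } else if (ep->ss_family == AF_INET6) {
        addr = &((const struct sockaddr_in6 *)ep)->sin6_addr;
        port = ntohs(((const struct sockaddr_in6 *)ep)->sin6_port);
    }
    if (addr == NULL || inet_ntop(ep->ss_family, addr, addrstr, sizeof addrstr) == NULL)
        return -1; /* unsupported family or conversion failure */
    /* snprintf never writes past outlen; n >= outlen means truncation. */
    int n = snprintf(out, outlen, "%s:%u", addrstr, port);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Demo helper over constructed sample text: 1 = match, 0 = mismatch, -1 = error. */
int format_matches(int family, const char *text, unsigned short port,
                   size_t outlen, const char *expected)
{
    struct sockaddr_storage ep;
    char out[128];
    void *dst = family == AF_INET6
        ? (void *)&((struct sockaddr_in6 *)&ep)->sin6_addr
        : (void *)&((struct sockaddr_in *)&ep)->sin_addr;
    memset(&ep, 0, sizeof ep);
    ep.ss_family = family;
    if (family == AF_INET6) ((struct sockaddr_in6 *)&ep)->sin6_port = htons(port);
    else ((struct sockaddr_in *)&ep)->sin_port = htons(port);
    if (inet_pton(family, text, dst) != 1 || outlen > sizeof out) return -1;
    if (endpoint_to_string(&ep, out, outlen) != 0) return -1;
    return strcmp(out, expected) == 0;
}

int main(void)
{
    return format_matches(AF_INET, "192.0.2.10", 2181, 128, "192.0.2.10:2181") == 1 ? 0 : 1;
}
```

The longest hexadecimal IPv6 text (39 characters) plus ':' and a five-digit port needs 46 bytes including the terminator, so a 128-byte output buffer has ample room once the address buffer is bounded.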