1 files changed, 10 insertions, 8 deletions

diff --git a/lib/csv.c b/lib/csv.c
index 445742807c..b48b79792e 100644
--- a/lib/csv.c
+++ b/lib/csv.c
@@ -1,5 +1,5 @@
 /* CSV
- * Copyright (C) 2013 Cumulus Networks, Inc.
+ * Copyright (C) 2013,2020  Cumulus Networks, Inc.
  *
  * This file is part of Quagga.
  *
@@ -22,6 +22,8 @@
 #include "config.h"
 #endif
 
+#include <zebra.h>
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -419,7 +421,7 @@ void csv_clone_record(csv_t *csv, csv_record_t *in_rec, csv_record_t **out_rec)
 	}
 	rec->record = curr;
 	rec->rec_len = in_rec->rec_len;
-	strcpy(rec->record, in_rec->record);
+	strlcpy(rec->record, in_rec->record, csv->buflen);
 
 	/* decode record into fields */
 	csv_decode_record(rec);
@@ -635,10 +637,10 @@ void csv_dump(csv_t *csv)
 static int get_memory_usage(pid_t pid)
 {
 	int fd, data, stack;
-	char buf[4096], status_child[BUFSIZ];
+	char buf[4096], status_child[PATH_MAX];
 	char *vm;
 
-	sprintf(status_child, "/proc/%d/status", pid);
+	snprintf(status_child, sizeof(status_child), "/proc/%d/status", pid);
 	if ((fd = open(status_child, O_RDONLY)) < 0)
 		return -1;
 
@@ -670,8 +672,8 @@ int main()
 
 	log_verbose("Mem: %d\n", get_memory_usage(getpid()));
 	csv_init(&csv, buf, 256);
-	sprintf(hdr1, "%4d", 0);
-	sprintf(hdr2, "%4d", 1);
+	snprintf(hdr1, sizeof(hdr1), "%4d", 0);
+	snprintf(hdr2, sizeof(hdr2), "%4d", 1);
 	log_verbose("(%zu/%zu/%d/%d)\n", strlen(hdr1), strlen(hdr2), atoi(hdr1),
 		    atoi(hdr2));
 	rec = csv_encode(&csv, 2, hdr1, hdr2);
@@ -683,8 +685,8 @@ int main()
 	}
 	csv_encode(&csv, 2, "pdfadfadfadsadsaddfdfdsfdsd", "35444554545454545");
 	log_verbose("%s\n", buf);
-	sprintf(hdr1, "%4d", csv.csv_len);
-	sprintf(hdr2, "%4d", 1);
+	snprintf(hdr1, sizeof(hdr1), "%4d", csv.csv_len);
+	snprintf(hdr2, sizeof(hdr2), "%4d", 1);
 	log_verbose("(%zu/%zu/%d/%d)\n", strlen(hdr1), strlen(hdr2), atoi(hdr1),
 		    atoi(hdr2));
 	rec = csv_encode_record(&csv, rec, 2, hdr1, hdr2);