From 851412a5ecfd2a954462b1db46e87e27c3f8fc26 Mon Sep 17 00:00:00 2001
From: Christian Beer <christian.beer@aei.mpg.de>
Date: Wed, 21 Oct 2015 17:27:19 +0200
Subject: [PATCH] use snprintf to prevent buffer overflow

fixes CID 27969, 28010, 28027 found by Coverity
---
 sched/sched_util_basic.cpp | 6 +++---
 tools/dir_hier_move.cpp    | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/sched/sched_util_basic.cpp b/sched/sched_util_basic.cpp
index 2381677de2..6396b15fcb 100644
--- a/sched/sched_util_basic.cpp
+++ b/sched/sched_util_basic.cpp
@@ -176,13 +176,13 @@ int dir_hier_path(
     int retval;
 
     if (fanout==0) {
-        sprintf(path, "%s/%s", root, filename);
+        snprintf(path, MAXPATHLEN, "%s/%s", root, filename);
         return 0;
     }
 
     filename_hash(filename, fanout, dir);
 
-    sprintf(dirpath, "%s/%s", root, dir);
+    snprintf(dirpath, MAXPATHLEN, "%s/%s", root, dir);
     if (create) {
         retval = boinc_mkdir(dirpath);
         if (retval && (errno != EEXIST)) {
@@ -192,7 +192,7 @@ int dir_hier_path(
             return ERR_MKDIR;
         }
     }
-    sprintf(path, "%s/%s", dirpath, filename);
+    snprintf(path, MAXPATHLEN, "%s/%s", dirpath, filename);
     return 0;
 }
 
diff --git a/tools/dir_hier_move.cpp b/tools/dir_hier_move.cpp
index 046be203c7..f7b9121105 100644
--- a/tools/dir_hier_move.cpp
+++ b/tools/dir_hier_move.cpp
@@ -61,7 +61,7 @@ int main(int argc, char** argv) {
             fprintf(stderr, "dir_hier_path: %s\n", boincerror(retval));
             exit(1);
         }
-        sprintf(src_path, "%s/%s", src_dir, filename.c_str());
+        snprintf(src_path, sizeof(src_path), "%s/%s", src_dir, filename.c_str());
         retval = rename(src_path, dst_path);
         if (retval) {
             perror("rename");