From 3a18068cd41357b97856b466c5315abcaa0b351c Mon Sep 17 00:00:00 2001
From: Binyang Li <binyli@microsoft.com>
Date: Sun, 26 May 2024 14:12:57 +0800
Subject: [PATCH] Fix security issue (#305)

Change sprintf to snprintf to avoid potential security issue
---
 src/utils_internal.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/utils_internal.cc b/src/utils_internal.cc
index c94e1620e..b3f3c28e3 100644
--- a/src/utils_internal.cc
+++ b/src/utils_internal.cc
@@ -31,7 +31,8 @@ static bool matchPort(const int port1, const int port2) {
 namespace mscclpp {
 std::string int64ToBusId(int64_t id) {
   char busId[20];
-  std::sprintf(busId, "%04lx:%02lx:%02lx.%01lx", (id) >> 20, (id & 0xff000) >> 12, (id & 0xff0) >> 4, (id & 0xf));
+  std::snprintf(busId, sizeof(busId), "%04lx:%02lx:%02lx.%01lx", (id) >> 20, (id & 0xff000) >> 12, (id & 0xff0) >> 4,
+                (id & 0xf));
   return std::string(busId);
 }
 
@@ -111,7 +112,7 @@ uint64_t getHostHash(void) {
 uint64_t computePidHash(void) {
   char pname[1024];
   // Start off with our pid ($$)
-  sprintf(pname, "%ld", (long)getpid());
+  std::snprintf(pname, sizeof(pname), "%ld", (long)getpid());
   int plen = strlen(pname);
   int len = readlink("/proc/self/ns/pid", pname + plen, sizeof(pname) - 1 - plen);
   if (len < 0) len = 0;