Hello,

This patch replaces sprintf() with snprintf() when constructing the ALSA
control device name string to prevent potential buffer overflow. Using
sizeof(name) ensures the write stays within bounds.

Signed-off-by: Nishant Kumar Singh <nishantsingh2jan1998(a)gmail.com>

From 4ee7555c6260cf9b966a04134efdfcc67b99fe64 Mon Sep 17 00:00:00 2001
From: Nishant Kumar Singh <nishantsingh2jan1998(a)gmail.com>
Date: Fri, 27 Mar 2026 03:56:10 +0000
Subject: [PATCH] aplay: use snprintf instead of sprintf in device_list()

sprintf() does not perform bounds checking when writing to the name
buffer. Replace it with snprintf() using sizeof(name) to ensure the
write stays within the allocated buffer and prevent a potential buffer
overflow.

Signed-off-by: Nishant Kumar Singh <nishantsingh2jan1998(a)gmail.com>
---
aplay/aplay.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/aplay/aplay.c b/aplay/aplay.c
index 0050032..74ec947 100644
--- a/aplay/aplay.c
+++ b/aplay/aplay.c
@@ -283,7 +283,7 @@ static void device_list(void)
snd_pcm_stream_name(stream));
while (card >= 0) {
char name[32];
- sprintf(name, "hw:%d", card);
+ snprintf(name, sizeof(name), "hw:%d", card);
if ((err = snd_ctl_open(&handle, name, 0)) < 0) {
error("control open (%i): %s", card,
snd_strerror(err));
goto next_card;
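
Review bot: The commit message overstates the risk at the changed line in device_list(). The buffer is declared as `char name[32];` and the format is "hw:%d", so with `card` being an int (as the %d and %i conversions imply, and assuming a 32-bit int) the longest possible output is "hw:-2147483648", which is 15 bytes including the terminator. Neither the old sprintf() nor the new snprintf() can write past the buffer. The change is fine as defensive hardening that stays safe if the buffer size or format string changes later, but the message should say that rather than "prevent a potential buffer overflow", so nobody treats this as a security fix that needs backporting. The snprintf() return value is not checked; that is acceptable here because truncation cannot occur, though if the intent is to guard against future format changes, a truncated name would be passed silently to snd_ctl_open(), so a check for a result >= sizeof(name) would make the hardening complete.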
--
2.43.0