From 6761726e956e2add0558a8a8814253c7bc10a86b Mon Sep 17 00:00:00 2001
From: Andrew Johnson <anj@aps.anl.gov>
Date: Tue, 26 Jun 2018 18:14:26 -0500
Subject: [PATCH] dbpr: Catch buffer overflow from long link strings.

Fixes lp: #1776141

Currently this just truncates when we hit the end of the buffer,
a better solution is warranted.
---
 src/ioc/db/dbTest.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ioc/db/dbTest.c b/src/ioc/db/dbTest.c
index 41557930c..237f2baa1 100644
--- a/src/ioc/db/dbTest.c
+++ b/src/ioc/db/dbTest.c
@@ -42,12 +42,13 @@
 #include "special.h"
 
 #define MAXLINE 80
+#define MAXMESS 128
 struct msgBuff {    /* line output structure */
     char            out_buff[MAXLINE + 1];
     char           *pNext;
     char           *pLast;
     char           *pNexTab;
-    char            message[128];
+    char            message[MAXMESS];
 };
 typedef struct msgBuff TAB_BUFFER;
 
@@ -1149,7 +1150,7 @@ static int dbpr_report(
                             break;
                         }
                     }
-                sprintf(pmsg,"%-4s: %s %s", pfield_name,
+                epicsSnprintf(pmsg, MAXMESS, "%-4s: %s %s", pfield_name,
                     type, dbGetString(pdbentry));
                 dbpr_msgOut(pMsgBuff, tab_size);
             }