From c9ff06e0f571ce01ebed4d0fe8d04ab038f54564 Mon Sep 17 00:00:00 2001
From: vraatikka
Date: Fri, 23 Aug 2013 22:27:40 +0300
Subject: [PATCH] Increased maximum path length from 180 to 255, and replaced sprintf with snprintf to prevent buffer overflow.

---
 server/core/secrets.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/server/core/secrets.c b/server/core/secrets.c
index 1bd62b7de..9fa3bc86c 100644
--- a/server/core/secrets.c
+++ b/server/core/secrets.c
@@ -57,15 +57,18 @@ int i;
 static MAXKEYS *
 secrets_readKeys()
 {
-char secret_file[180];
+char secret_file[255];
 char *home;
 MAXKEYS *keys;
 struct stat secret_stats;
 int fd;
 
- if ((home = getenv("MAXSCALE_HOME")) == NULL)
- home = "/usr/local/skysql/MaxScale";
- sprintf(secret_file, "%s/etc/.secrets", home);
+ home = getenv("MAXSCALE_HOME");
+
+ if (home == NULL) {
+ home = "/usr/local/skysql/MaxScale";
+ }
+ snprintf(secret_file, 255, "%s/etc/.secrets", home);
 
 /* Silently check for a .secrets file */
 if (access(secret_file, R_OK) == -1)
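Review bot: The new `snprintf` call into `secret_file` ignores its return value, so a `MAXSCALE_HOME` longer than the buffer now produces a silently truncated path instead of an overflow, and the `access()` check below runs against a different file than the one intended to hold the key material. Consider `int n = snprintf(secret_file, sizeof(secret_file), "%s/etc/.secrets", home);` followed by `if (n < 0 || (size_t)n >= sizeof(secret_file)) return NULL;`, which also replaces the repeated literal `255` with the array's own size so the two cannot drift apart. Whether `NULL` is the right failure value, and whether the condition should be logged, depends on the existing error paths; the body of `secrets_readKeys` continues past the end of the hunk, so confirm against how a missing key file is reported there.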