diff -up nfs-utils-1.3.0/utils/exportfs/exportfs.c.orig nfs-utils-1.3.0/utils/exportfs/exportfs.c

--- nfs-utils-1.3.0/utils/exportfs/exportfs.c.orig	2016-05-03 11:06:55.925043000 -0400

+++ nfs-utils-1.3.0/utils/exportfs/exportfs.c	2016-05-03 11:11:58.680677000 -0400

@@ -508,9 +508,10 @@ unexportfs(char *arg, int verbose)

 static int can_test(void)

 {

-	char buf[1024];

+	char buf[1024] = { 0 };

 	int fd;

 	int n;

+	size_t bufsiz = sizeof(buf);

 	fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY);

 	if (fd < 0)

@@ -523,9 +524,9 @@ static int can_test(void)

 	 * commit 2f74f972  (sunrpc: prepare NFS for 2038).

 	 */

 	if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS)

-		sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX);

+		snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX);

 	else

-		sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX);

+		snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX);

 	n = write(fd, buf, strlen(buf));

 	close(fd);

@@ -541,7 +542,8 @@ static int can_test(void)

 static int test_export(char *path, int with_fsid)

 {

-	char buf[1024];

+	/* beside max path, buf size should take protocol str into account */

+	char buf[NFS_MAXPATHLEN+1+64] = { 0 };

 	char *bp = buf;

 	int len = sizeof(buf);

 	int fd, n;

@@ -766,7 +768,8 @@ dumpopt(char c, char *fmt, ...)

 static void

 dump(int verbose, int export_format)

 {

-	char buf[1024];

+	/* buf[] size should >= sizeof(struct exportent->e_path) */

+	char buf[NFS_MAXPATHLEN+1] = { 0 };

 	char *bp;

 	int len;

 	nfs_export	*exp;