今天云海服务器发生了宕机，堆栈如下：

#0  0xf77a4440 in __kernel_vsyscall ()
#1  0xf74af687 in raise () from /lib/i386-linux-gnu/libc.so.6
#2  0xf74b2ab3 in abort () from /lib/i386-linux-gnu/libc.so.6
#3  0xf74e9fd3 in ?? () from /lib/i386-linux-gnu/libc.so.6
#4  0xf757f03b in __fortify_fail () from /lib/i386-linux-gnu/libc.so.6
#5  0xf757efca in __stack_chk_fail () from /lib/i386-linux-gnu/libc.so.6
#6  0x08212e51 in CGMActivitySys::OnRelevancePhone (this=0xe22f9e0, player=..., phoneNum=0x12c85ab4 "19907316909", cdKey=0x1525e54c "446244")
    at game_sys/gm_activity/gs_gm_activity.cpp:4572
#7  0x0821275f in CGMActivitySys::OnC2S_RelevancePhone (this=0xe22f9e0, player=..., request=0xfff0bee8, errMsg=...)
    at game_sys/gm_activity/gs_gm_activity.cpp:4477
#8  0x08356672 in MgrGameWorld::OnReceiveProtoEvent (this=0xce2e5f4, player=0x14fd9f10, eventID=CtmGame::C2SG_RELEVANCE_PHONE, request=0xfff0bee8, 
    response=0xfff0bf14) at game_sys/base/game_world.cpp:222
#9  0x085aa79f in PlayingGameProcessor::OnReceiveMsg (this=0x11954030, pClient=0x14eede78, eventID=2434, request=0xfff0bee8, response=0xfff0bf14)
    at login_sys/impl/login_processor/PlayingGameProcessor.cpp:198
#10 0x0854aed2 in NetManagerListenForGate::OnReceiveMSG (this=0xb605638, pSession=0x14eede78, gameSysID=0 '\000', packet=0x1195902c)
    at net_sys/gate/gate_server.cpp:532

查了一下，__stack_chk_fail ()，引用链接：https://blog.csdn.net/zengyubao1/article/details/51597654

代码证实确实是数组越界了

源码：

char url[128];

sprintf(url,gsCfg->PhoneURL,gsCfg->gameName,oid_s,phoneNum,act_s);

这里拼接的字符串超出128字节了。