Re: [dev][sbase] Readlink doesn't null-terminate buf

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: sin <sin_AT_2f30.org>
Date: Wed, 10 Jul 2013 01:33:29 +0300

On Tue, Jul 09, 2013 at 05:48:47PM -0400, Galos, David wrote:
> > The patch introduces buffer overflow. sizeof(buf)-1 should be passed
> > to readlink().
>
> Furthermore, buf should be made (PATH_MAX + 1) bytes in size, so that
> valid paths don't get truncated.

{PATH_MAX}
Maximum number of bytes in a pathname, including the
terminating null character.[1]

[1] http://pubs.opengroup.org/onlinepubs/009695399/basedefs/limits.h.html

Thanks,
stateless
Received on Wed Jul 10 2013 - 00:33:29 CEST

This archive was generated by hypermail 2.3.0 : Wed Jul 10 2013 - 00:36:06 CEST