Indeed, I overlooked that. I attached the patched patch.
Sincerely,
Willem van de Krol
On Tue, Jul 9, 2013 at 7:35 PM, Michał Kazior <kazikcz_AT_gmail.com> wrote:
> On 9 July 2013 19:19, Krol, Willem van de <008054_AT_jfc.nl> wrote:
> > Hello all,
> >
> > The man page of readlink(2) says it "does not append a null byte to
> buf".
> > The readlink utility in sbase, however, assumes it does. I attached a
> patch.
>
> Hi,
>
> The patch introduces buffer overflow. sizeof(buf)-1 should be passed
> to readlink().
>
>
> Regards,
> Michał Kazior.
>
>
Received on Tue Jul 09 2013 - 19:38:48 CEST