diff mbox series

[2/2] initd: fix off-by-one error in mkdev.c

Message ID 20210831090919.434244-2-vincent@systemli.org
State Accepted
Delegated to: Daniel Golle
Headers show
Series [1/2] Revert "initd: fix off-by-one error in mkdev.c" | expand

Commit Message

Nick Aug. 31, 2021, 9:09 a.m. UTC
From: Nick Hainke <vincent@systemli.org>

Substract 1 from bufsize so len can not be out of bounds. Same
hanling as in "udevtrigger.c" in "sysfs_resolve_link".

Replaces: 8eb1d783
Coverity CID: 1330087 Readlink used insecurely

Signed-off-by: Nick Hainke <vincent@systemli.org>
---
 initd/mkdev.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/initd/mkdev.c b/initd/mkdev.c
index 44101aa..f0a1e84 100644
--- a/initd/mkdev.c
+++ b/initd/mkdev.c
@@ -82,7 +82,7 @@  static void find_devs(bool block)
 			continue;
 
 		strcpy(path, dp->d_name);
-		len = readlink(buf2, buf, sizeof(buf));
+		len = readlink(buf2, buf, sizeof(buf) - 1);
 		if (len <= 0)
 			continue;