| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Oct 2011 12:16:58 -0500 (CDT)
From: Christoph Lameter <cl@...two.org>
To: Thomas Jarosch <thomas.jarosch@...ra2net.com>
cc: linux-kernel@...r.kernel.org, Pekka Enberg <penberg@...helsinki.fi>
Subject: Re: [slabinfo PATCH] Fix off-by-one after readlink() call
On Fri, 14 Oct 2011, Thomas Jarosch wrote:
> index 868cc93..cc1a378 100644
> --- a/tools/slub/slabinfo.c
> +++ b/tools/slub/slabinfo.c
> @@ -1145,7 +1145,7 @@ static void read_slab_dir(void)
> switch (de->d_type) {
> case DT_LNK:
> alias->name = strdup(de->d_name);
> - count = readlink(de->d_name, buffer, sizeof(buffer));
> + count = readlink(de->d_name, buffer, sizeof(buffer)-1);
>
readlink required that the buffer size be specified.
READLINK(2) Linux Programmer's Manual READLINK(2)
NAME
readlink - read value of a symbolic link
SYNOPSIS
#include <unistd.h>
ssize_t readlink(const char *path, char *buf, size_t bufsiz);
Feature Test Macro Requirements for glibc (see feature_test_macros(7)):
readlink(): _BSD_SOURCE || _XOPEN_SOURCE >= 500 || _POSIX_C_SOURCE >= 200112L
DESCRIPTION
readlink() places the contents of the symbolic link path in the buffer buf, which has size bufsiz. readlink() does not append a
null byte to buf. It will truncate the contents (to a length of bufsiz characters), in case the buffer is too small to hold all of
the contents.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists