len0rd/rockbox
1
0
Fork 1
mirror of https://github.com/Rockbox/rockbox.git synced 2025-10-28 00:06:20 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix possible readlink() buffer overflow

Browse source 
readlink() might return the full size of the target buffer
and we write a '\0' to the returned length offset.

cppecheck reported:
[rockbox/apps/tagcache.c:4335]: (warning, inconclusive) readlink() might return the full size of 'target'. Lower the supplied size by one.

(the check was actually written by me)

Change-Id: Ibb42f732aa42c38bb6cb92cdccd3e6a0d3aa9b9f
This commit is contained in:
Thomas Jarosch 2013-01-15 22:04:18 +01:00
parent 224c6d68f1
commit 5db5341deb
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apps/tagcache.c
View file

@ -4332,7 +4332,7 @@ static bool add_search_root(const char *name)
static char abs_target[PATH_MAX]; static char abs_target[PATH_MAX];
ssize_t len; ssize_t len;
len = readlink(name, target, sizeof(target)); len = readlink(name, target, sizeof(target)-1);
if (len < 0) if (len < 0)
return false; return false;