[PATCH] Revert "initd: fix off-by-one error in mkdev.c"

Nick vincent at systemli.org
Tue Aug 31 02:13:31 PDT 2021


Yep. Thanks. Just added another patch that is fixing the issue. I went 
to some internet sources and code to see how other people handle the 
issue and seems like everyone is just subtracting 1. Now you also wrote 
the same. :)

Bests,
Nick

On 8/31/21 10:59 AM, Felix Fietkau wrote:
> On 2021-08-31 10:25, vincent at systemli.org wrote:
>> From: Nick Hainke <vincent at systemli.org>
>>
>> This reverts commit 8eb1d783cca6e0d501dd3a2f94262ffc36ae6482.
>>
>> This line reads a symbolic link into the string buffer "buf".
>> 	len = readlink(buf2, buf, sizeof(buf));
>> The commit replaced now
>> 	buf[len] = 0;
>> with
>> 	buf[sizeof(buf) - 1] = '\0';
>>
>> However, that does not work since readlink does not null-terminate
>> the string written into "buf" and  "buf[len] = 0" was used for that.
>>
>> What happens if the buffer is to small?
>> "If the buf argument is not large enough to contain the link content,
>> the first bufsize bytes shall be placed in buf."
>> (Source: https://pubs.opengroup.org/onlinepubs/009695399/functions/readlink.htm)
> That revert adds back the original off-by-one error, since len will be
> sizeof(buf) in case of an undersized buffer.
> I agree that 'buf[len] = 0' is correct, but only if you also use
> sizeof(buf)-1 as size argument in the readlink() call.
>
> - Felix
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list