[PATCH 2/2] initd: fix off-by-one error in mkdev.c
vincent at systemli.org
vincent at systemli.org
Tue Aug 31 02:09:19 PDT 2021
From: Nick Hainke <vincent at systemli.org>
Substract 1 from bufsize so len can not be out of bounds. Same
hanling as in "udevtrigger.c" in "sysfs_resolve_link".
Replaces: 8eb1d783
Coverity CID: 1330087 Readlink used insecurely
Signed-off-by: Nick Hainke <vincent at systemli.org>
---
initd/mkdev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/initd/mkdev.c b/initd/mkdev.c
index 44101aa..f0a1e84 100644
--- a/initd/mkdev.c
+++ b/initd/mkdev.c
@@ -82,7 +82,7 @@ static void find_devs(bool block)
continue;
strcpy(path, dp->d_name);
- len = readlink(buf2, buf, sizeof(buf));
+ len = readlink(buf2, buf, sizeof(buf) - 1);
if (len <= 0)
continue;
--
2.33.0
More information about the openwrt-devel
mailing list