[rpm PATCH] Fix unterminated buffer after readlink() call
thomas.jarosch at intra2net.com
Mon Oct 24 15:15:38 UTC 2011

On Sunday, 23. October 2011 14:12:34 you wrote:
> On 10/22/2011 12:05 AM, Thomas Jarosch wrote:
> > readlink() never terminates the buffer.
> > Detected by "cppcheck" (git HEAD)
>
> Oh ugh. I suppose many implementations do terminate the buffer at least
> on success, otherwise this wouldn't have survived as long as it has.

Yeah, I asked myself the same question. I checked glibc's readlink()
implementation and in fact it doesn't zero terminate the string.
Looks like we just got lucky.

While searching through glibc's own readlink() invocations,
I also spotted three buffer termination bugs :o)
(Filed upstream bug #13335 - #13337)

I'm wondering how the readlink() API specification
ever made it into POSIX...
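
The behaviour discussed in this thread, as an added example that is not part of the original message and is not rpm or glibc code: a raw readlink() call leaves stale bytes after the target, and a wrapper reserves one byte, terminates the buffer, and treats a full buffer as possible truncation. The names `readlink_terminated`, `raw_call_leaves_stale_byte` and `demo_link`, the `/tmp` path and the link target are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* readlink, symlink, mkdtemp */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: read a symlink target and always NUL-terminate.
 * Returns the length, or -1 with errno set (ENAMETOOLONG: maybe truncated). */
ssize_t readlink_terminated(const char *path, char *buf, size_t bufsize)
{
    if (bufsize == 0) { errno = EINVAL; return -1; }
    /* Pass bufsize - 1: readlink() may fill every byte and writes no NUL. */
    ssize_t n = readlink(path, buf, bufsize - 1);
    /* A completely filled buffer cannot be told apart from a truncated target. */
    if (n < 0 || (size_t)n == bufsize - 1) {
        if (n >= 0) errno = ENAMETOOLONG;
        buf[0] = '\0'; return -1;
    }
    buf[n] = '\0';
    return n;
}

/* The bug class from the thread: after a raw readlink(), buf[n] still holds
 * whatever byte was there before the call. Returns 1 if that is the case. */
int raw_call_leaves_stale_byte(const char *path)
{
    char buf[64];
    memset(buf, 'X', sizeof buf);            /* simulate a dirty stack buffer */
    ssize_t n = readlink(path, buf, sizeof buf);
    return n >= 0 && (size_t)n < sizeof buf && buf[n] == 'X';
}

/* Create (target != NULL) or remove (target == NULL) a constructed demo link. */
int demo_link(char *dir, char *link, size_t len, const char *target)
{
    if (!target) return unlink(link) != 0 || rmdir(dir) != 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(link, len, "%s/link", dir);
    return symlink(target, link);
}

int main(void)
{
    char dir[] = "/tmp/rl-demo-XXXXXX", link[64], buf[32];
    if (demo_link(dir, link, sizeof link, "/constructed/target") != 0) return 1;
    printf("raw call leaves stale byte: %d\n", raw_call_leaves_stale_byte(link));
    printf("len=%zd target=%s\n", readlink_terminated(link, buf, sizeof buf), buf);
    return demo_link(dir, link, sizeof link, NULL);
}
```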