lib/path: improve ul_path_readlink() to be more robust

According to POSIX, readlink() makes no effort to null-terminate buffer with the result. It seems better to hide this disadvantage in the ul_path_...() API rather than assume buf[sz] = '\0' everywhere. Reported-by: Reported-by: Jan Pazdziora <jpazdziora@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
author: Karel Zak <kzak@redhat.com> 2021-06-17 13:28:32 +0200
committer: Karel Zak <kzak@redhat.com> 2021-06-17 13:28:32 +0200
commit: 9dbae34c3da7667319df2191b4b0fee6552dd0e3 (patch)
tree: 84008792720ae4e5e6439de525998c2a34f8cd4e /lib/path.c
parent: 2384fa6e4d086656ea7ae890d2ac2bdce08ca0e6 (diff)
download: util-linux-9dbae34c3da7667319df2191b4b0fee6552dd0e3.tar.gz
1 files changed, 13 insertions, 8 deletions
diff --git a/lib/path.c b/lib/path.c
index 058c143f40..7576328d7c 100644
--- a/lib/path.c
+++ b/lib/path.c
@@ -542,22 +542,27 @@ DIR *ul_path_opendirf(struct path_cxt *pc, const char *path, ...)
 ssize_t ul_path_readlink(struct path_cxt *pc, char *buf, size_t bufsiz, const char *path)
 {
 	int dirfd;
+	ssize_t ssz;
 
 	if (!path) {
 		const char *p = get_absdir(pc);
 		if (!p)
 			return -errno;
-		return readlink(p, buf, bufsiz);
-	}
+		ssz = readlink(p, buf, bufsiz - 1);
+	} else {
+		dirfd = ul_path_get_dirfd(pc);
+		if (dirfd < 0)
+			return dirfd;
 
-	dirfd = ul_path_get_dirfd(pc);
-	if (dirfd < 0)
-		return dirfd;
+		if (*path == '/')
+			path++;
 
-	if (*path == '/')
-		path++;
+		ssz = readlinkat(dirfd, path, buf, bufsiz - 1);
+	}
 
-	return readlinkat(dirfd, path, buf, bufsiz);
+	if (ssz >= 0)
+		buf[ssz] = '\0';
+	return ssz;
 }
 
 /*
author	Karel Zak <kzak@redhat.com>	2021-06-17 13:28:32 +0200
committer	Karel Zak <kzak@redhat.com>	2021-06-17 13:28:32 +0200
commit	9dbae34c3da7667319df2191b4b0fee6552dd0e3 (patch)
tree	84008792720ae4e5e6439de525998c2a34f8cd4e /lib/path.c
parent	2384fa6e4d086656ea7ae890d2ac2bdce08ca0e6 (diff)
download	util-linux-9dbae34c3da7667319df2191b4b0fee6552dd0e3.tar.gz