This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/13335] New: chroot_canon(): Fix off-by-one in readlink() buffer

From: "thomas.jarosch at intra2net dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: Mon, 24 Oct 2011 14:53:56 +0000
Subject: [Bug libc/13335] New: chroot_canon(): Fix off-by-one in readlink() buffer
Auto-submitted: auto-generated

http://sourceware.org/bugzilla/show_bug.cgi?id=13335

             Bug #: 13335
           Summary: chroot_canon(): Fix off-by-one in readlink() buffer
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper.fsp@gmail.com
        ReportedBy: thomas.jarosch@intra2net.com
    Classification: Unclassified


Created attachment 6027
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6027
Patch to fix the issue

>From the patch:

chroot_canon(): Fix off-by-one in readlink() buffer

readlink() might return the full size of the buffer,
so we might write the terminating zero past the end of the buffer.

Fix it by reducing the supplied buffer size by 1.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Follow-Ups:
- [Bug libc/13335] chroot_canon(): Fix off-by-one in readlink() buffer
  - From: drepper.fsp at gmail dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]