This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/13335] New: chroot_canon(): Fix off-by-one in readlink() buffer
- From: "thomas.jarosch at intra2net dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Mon, 24 Oct 2011 14:53:56 +0000
- Subject: [Bug libc/13335] New: chroot_canon(): Fix off-by-one in readlink() buffer
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=13335
Bug #: 13335
Summary: chroot_canon(): Fix off-by-one in readlink() buffer
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper.fsp@gmail.com
ReportedBy: thomas.jarosch@intra2net.com
Classification: Unclassified
Created attachment 6027
--> http://sourceware.org/bugzilla/attachment.cgi?id=6027
Patch to fix the issue
>From the patch:
chroot_canon(): Fix off-by-one in readlink() buffer
readlink() might return the full size of the buffer,
so we might write the terminating zero past the end of the buffer.
Fix it by reducing the supplied buffer size by 1.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.