[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-cpio] [patch] symlink target name corruption in copyout mode

From: Charles Johnston
Subject: [Bug-cpio] [patch] symlink target name corruption in copyout mode
Date: Sun, 12 Nov 2006 19:31:34 -0700
User-agent: Thunderbird (X11/20060917)

The call to readlink in line 801 of copyout.c doesn't return a null-terminated string. The name can end up having extra garbage on the end.

The attached patch adds a null to the end of the string after the return code from readlink has been checked.

Charles Johnston
diff -Ndpru cpio-2.7/src/copyout.c cpio-2.7.fixed/src/copyout.c
--- cpio-2.7/src/copyout.c      2006-09-27 02:19:44.000000000 -0600
+++ cpio-2.7.fixed/src/copyout.c        2006-11-12 18:58:25.000000000 -0700
@@ -806,6 +806,7 @@ process_copy_out ()
                    free (link_name);
+               link_name[link_size] = '\0';
                cpio_safer_name_suffix (link_name, false,
                                        !no_abs_paths_flag, true);
                link_size = strlen (link_name);

reply via email to

[Prev in Thread] Current Thread [Next in Thread]