From: Nick Hainke <vincent@systemli.org>
Date: Tue, 31 Aug 2021 09:09:19 +0000 (+0200)
Subject: initd: fix off-by-one error in mkdev.c
X-Git-Url: http://git.openwrt.org/source?a=commitdiff_plain;h=773e8da41532b23888511cd864fbd251ecadc577;p=project%2Fprocd.git

initd: fix off-by-one error in mkdev.c

Substract 1 from bufsize so len can not be out of bounds. Same
hanling as in "udevtrigger.c" in "sysfs_resolve_link".

Replaces: 8eb1d783
Coverity CID: 1330087 Readlink used insecurely

Signed-off-by: Nick Hainke <vincent@systemli.org>
---

diff --git a/initd/mkdev.c b/initd/mkdev.c
index 44101aa..f0a1e84 100644
--- a/initd/mkdev.c
+++ b/initd/mkdev.c
@@ -82,7 +82,7 @@ static void find_devs(bool block)
 			continue;
 
 		strcpy(path, dp->d_name);
-		len = readlink(buf2, buf, sizeof(buf));
+		len = readlink(buf2, buf, sizeof(buf) - 1);
 		if (len <= 0)
 			continue;