namei: fix buffer overflow
$ ./namei /usr/bin/java *** glibc detected *** ./namei: free(): invalid next size (fast): 0x00000000018e5070 *** [...] Aborted Reported-by: Sami Kerola <kerolasa@iki.fi> Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
parent
6db4681802
commit
f7ed29a7b6
|
@ -197,10 +197,11 @@ readlink_to_namei(struct namei *nm, const char *path)
|
|||
err(EXIT_FAILURE, _("out of memory?"));
|
||||
|
||||
if (*sym != '/') {
|
||||
/* create the absolute path from the relative symlink */
|
||||
memcpy(nm->abslink, path, nm->relstart);
|
||||
*(nm->abslink + nm->relstart) = '/';
|
||||
nm->relstart++;
|
||||
memcpy(nm->abslink + nm->relstart, sym, sz);
|
||||
memcpy(nm->abslink + nm->relstart, sym, sz - nm->relstart);
|
||||
} else
|
||||
memcpy(nm->abslink, sym, sz);
|
||||
nm->abslink[sz] = '\0';
|
||||
|
|
Loading…
Reference in New Issue