Variable len could be assigned to PATH_MAX + 1 length (returned
from readlink) and this variable is used as index to array link
of size only PATH_MAX + 1.
---
compat/dun.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/compat/dun.c b/compat/dun.c
index 59f036f..de98830 100644
--- a/compat/dun.c
+++ b/compat/dun.c
@@ -104,7 +104,7 @@ static int uses_rfcomm(char *path, char *dev)
while ((de = readdir(dir)) != NULL) {
char link[PATH_MAX + 1];
- int len = readlink(de->d_name, link, sizeof(link));
+ int len = readlink(de->d_name, link, PATH_MAX);
if (len > 0) {
link[len] = 0;
if (strstr(link, dev)) {
--
1.7.4.4
Hi Pavel,
On Tue, Aug 16, 2011, Pavel Raiskup wrote:
> Variable len could be assigned to PATH_MAX + 1 length (returned
> from readlink) and this variable is used as index to array link
> of size only PATH_MAX + 1.
> ---
> compat/dun.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
The first three patches have been applied. The rest still have
formatting errors so I have not been able to apply them.
Johan