Fixed off-by-one buffer overflows (practically non-exploitable).

Found by Coverity scan.

diff --git a/src/doveadm/doveadm-master.c b/src/doveadm/doveadm-master.c
index ae989e0a975e7bf95b448d06721b15beb61575d4..2c2da3260eefb79f0e31df93aa4b76859aee4ea4 100644 (file)
--- a/src/doveadm/doveadm-master.c
+++ b/src/doveadm/doveadm-master.c
@@ -23,7 +23,7 @@ static bool pid_file_read(const char *path, pid_t *pid_r)
                i_fatal("open(%s) failed: %m", path);
        }
 
-       ret = read(fd, buf, sizeof(buf));
+       ret = read(fd, buf, sizeof(buf)-1);
        if (ret <= 0) {
                if (ret == 0)
                        i_error("Empty PID file in %s", path);

diff --git a/src/master/main.c b/src/master/main.c
index 454b877353060d9adb44010dc018d98897d6d2b2..664b418998a5beaa4197b654c4a60e4faaded8f1 100644 (file)
--- a/src/master/main.c
+++ b/src/master/main.c
@@ -201,7 +201,7 @@ static void fatal_log_check(const struct master_settings *set)
        if (fd == -1)
                return;
 
-       ret = read(fd, buf, sizeof(buf));
+       ret = read(fd, buf, sizeof(buf)-1);
        if (ret < 0)
                i_error("read(%s) failed: %m", path);
        else {
@@ -231,7 +231,7 @@ static bool pid_file_read(const char *path, pid_t *pid_r)
                i_fatal("open(%s) failed: %m", path);
        }
 
-       ret = read(fd, buf, sizeof(buf));
+       ret = read(fd, buf, sizeof(buf)-1);
        if (ret <= 0) {
                if (ret == 0)
                        i_error("Empty PID file in %s, overriding", path);