From: Jes Sorensen <Jes.Sorensen@redhat.com>
Date: Tue, 24 Feb 2015 21:00:36 +0000 (-0500)
Subject: Grow.c: Fix classic readlink() buffer overflow
X-Git-Tag: mdadm-3.3.3~80
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9eb5ce5ae298a13af29f2c85f33ef75773e852ee;p=thirdparty%2Fmdadm.git

Grow.c: Fix classic readlink() buffer overflow

The buffer passed on to readlink() needs to contain space for the
terminating \0. See 'man 3 readlink' for details.

Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
---

diff --git a/Grow.c b/Grow.c
index b78d0638..a8bbf2bf 100644
--- a/Grow.c
+++ b/Grow.c
@@ -3319,7 +3319,7 @@ started:
 		bul = make_backup(sra->sys_name);
 		if (bul) {
 			char buf[1024];
-			int l = readlink(bul, buf, sizeof(buf));
+			int l = readlink(bul, buf, sizeof(buf) - 1);
 			if (l > 0) {
 				buf[l]=0;
 				unlink(buf);