shared/ask-password-api: modify keyctl break value

We can break if KEYCTL_READ return value is equal to our buffer size.

From keyctl(2):

On a successful return, the return value is always the total size of
the payload data.  To determine whether the buffer was of sufficient
size, check to see that the return value is less than or equal to the
value supplied in arg4.

diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 9ffbe1bc4e0dd49e2428c998326df04075d31695..7f6775f4a130c1c45ac04a050814022a2eab2438 100644 (file)
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -78,7 +78,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
                 n = keyctl(KEYCTL_READ, (unsigned long) serial, (unsigned long) p, (unsigned long) m, 0);
                 if (n < 0)
                         return -errno;
-                if ((size_t) n < m) {
+                if ((size_t) n <= m) {
                         nfinal = (size_t) n;
                         pfinal = TAKE_PTR(p);
                         break;