seccomp_user_notif.2: EXAMPLE: correct the check for NUL in buffer returned by read()

In the usual case, read(fd, buf, PATH_MAX) will return PATH_MAX
bytes that include trailing garbage after the pathname. So the
right check is to scan from the start of the buffer to see if
there's a NUL, and error if there is not.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

diff --git a/man2/seccomp_user_notif.2 b/man2/seccomp_user_notif.2
index 7ee9f866cad3a3ea1a50adfb1300d742699f153e..3b2617ed38bcd6795bda4d711c17978c26353b5a 100644 (file)
--- a/man2/seccomp_user_notif.2
+++ b/man2/seccomp_user_notif.2
@@ -1216,7 +1216,6 @@ getTargetPathname(struct seccomp_notif *req, int notifyFd,
                   char *path, size_t len)
 {
     char procMemPath[PATH_MAX];
-    bool res = true;
 
     snprintf(procMemPath, sizeof(procMemPath), "/proc/%d/mem", req\->pid);
 
@@ -1247,18 +1246,19 @@ getTargetPathname(struct seccomp_notif *req, int notifyFd,
         exit(EXIT_FAILURE);
     }
 
+    if (close(procMemFd) == \-1)
+        errExit("close\-/proc/PID/mem");
+
     /* We have no guarantees about what was in the memory of the target
        process. We therefore treat the buffer returned by pread() as
        untrusted input. The buffer should be terminated by a null byte;
        if not, then we will trigger an error for the target process. */
 
-    if (path[nread \- 1] != \(aq\0\(aq)
-        res = false;
-
-    if (close(procMemFd) == \-1)
-        errExit("close\-/proc/PID/mem");
+    for (int j = 0; j < nread; j++)
+        if (path[j] == \(aq\0\(aq)
+            return true;
 
-    return res;
+    return false;
 }
 
 /* Handle notifications that arrive via the SECCOMP_RET_USER_NOTIF file