From: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Date: Wed, 27 Jul 2022 18:44:28 +0000 (-0600)
Subject: api: null terminate readlink buffer in cgroup_get_procname_from_procfs()
X-Git-Tag: v2.0.3~29
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=21c50cb860304ad99af920e80e48df941ecf7d75;p=thirdparty%2Flibcgroup.git

api: null terminate readlink buffer in cgroup_get_procname_from_procfs()

Fix readlink buffer null termination warning, reported by Coverity tool:

CID 258273 (#2 of 2): String not null terminated (STRING_NULL).
string_null: Passing unterminated string buf to strdup, which expects a
null-terminated string.

As per the man pages (man 2 readlink):
"readlink() does not append a null byte to buf.  It  will (silently)
truncate the contents (to a length of bufsiz characters), in case the
buffer is too small to hold all of the contents."

Explicitly null terminate the buffer passed to readlink() in
cgroup_get_procname_from_procfs()

Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
(cherry picked from commit 397554c9df86ec7d06e017b877573859c60c258f)
---

diff --git a/src/api.c b/src/api.c
index 39bd5f23..2836e3d1 100644
--- a/src/api.c
+++ b/src/api.c
@@ -5333,6 +5333,9 @@ int cgroup_get_procname_from_procfs(pid_t pid, char **procname)
 		*procname = pname_status;
 		return 0;
 	}
+	/* readlink doesn't append a null */
+	buf[FILENAME_MAX - 1] = '\0';
+
 	if (!strncmp(pname_status, basename(buf), TASK_COMM_LEN - 1)) {
 		/*
 		 * The taken process name from /proc/<pid>/status is