From 6da498c28f2598bea4d651756485f57d54e379f4 Mon Sep 17 00:00:00 2001 From: Kevin Kuehler Date: Wed, 27 Nov 2019 16:35:15 -0800 Subject: [PATCH] shared/ask-password-api: modify keyctl break value We can break if KEYCTL_READ return value is equal to our buffer size. From keyctl(2): On a successful return, the return value is always the total size of the payload data. To determine whether the buffer was of sufficient size, check to see that the return value is less than or equal to the value supplied in arg4. --- src/shared/ask-password-api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index 9ffbe1bc4e0..7f6775f4a13 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -78,7 +78,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) { n = keyctl(KEYCTL_READ, (unsigned long) serial, (unsigned long) p, (unsigned long) m, 0); if (n < 0) return -errno; - if ((size_t) n < m) { + if ((size_t) n <= m) { nfinal = (size_t) n; pfinal = TAKE_PTR(p); break; -- 2.47.3