util: be a bit safer in path_is_safe()

author Lennart Poettering <lennart@poettering.net>

Thu, 30 Apr 2015 17:44:10 +0000 (19:44 +0200)

committer Lennart Poettering <lennart@poettering.net>

Tue, 5 May 2015 22:06:35 +0000 (15:06 -0700)
author Lennart Poettering <lennart@poettering.net>
Thu, 30 Apr 2015 17:44:10 +0000 (19:44 +0200)
committer Lennart Poettering <lennart@poettering.net>
Tue, 5 May 2015 22:06:35 +0000 (15:06 -0700)
diff --git a/src/shared/util.c b/src/shared/util.c

index 2c7254eedac2c9917a14d0140c29fdf878f3dfdb..d9bd34b3b647d9389439a603ffc1ca005aa02f77 100644 (file)
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -3917,7 +3917,7 @@ bool path_is_safe(const char *p) {
          if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
                  return false;
  
-        if (strlen(p) > PATH_MAX)
+        if (strlen(p)+1 > PATH_MAX)
                  return false;
  
          /* The following two checks are not really dangerous, but hey, they still are confusing */
author	Lennart Poettering <lennart@poettering.net>
	Thu, 30 Apr 2015 17:44:10 +0000 (19:44 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 5 May 2015 22:06:35 +0000 (15:06 -0700)