The readlink() function reads where a link points to. The function with its arguments is
readlink(link, buf, len);.
Non-Compliant
...
Code Example
readlink() never 0-terminates by itself, so you have to do it by yourself. People often seem to forget this, leading to infoleaks or sometimes memory corruption. Another thing people like to do is
| Code Block |
|---|
len = readlink(link, buf, sizeof(buf));
buf[len] = '\0';
|
| Wiki Markup |
|---|
There are two problems here. {{readlink()}} can return \-1 if it fails, hence causing an off-by-one underflow, so always check the {{readlink}} return value. The other problem that can occur is that {{readlink}} returns how many |
byted buffer, in this case it can write up to buffer. In this case it can write up to {{sizeof(buf)}} bytes. |
if basicly : buf
{{buf\[sizeof(buf)\] = '\0';}}, which is an off-by-one overflow. |
Compliant Solution
| Code Block |
|---|
#include <unistd.h>
char buf[1024];
ssizet_t len;
...
if ((len = readlink("/modules/pass1", buf, sizeof(buf)-1)) != -1)
buf[len] = '\0';
|
...
