The readlink() function reads where a link points to. The function with its arguments is
readlink(link, buf, len);.
Non-Compliant Code Example
readlink() never 0-terminates by itself, so you have to do it by yourself. People often seem to forget this, leading to infoleaks or sometimes memory corruption. Another thing people like to do is
len = readlink(link, buf, sizeof(buf)); buf[len] = '\0';
There are two problems here. readlink() can return -1 if it fails, hence causing an off-by-one underflow, so always check the readlink return value. The other problem that can occur is that readlink returns how many bytes got written to the buffer. In this case it can write up to sizeof(buf) bytes. If it does, you basically end up doing
buf[sizeof(buf)] = '\0';, which is an off-by-one overflow.
Compliant Solution
#include <unistd.h>
char buf[1024];
ssizet_t len;
...
if ((len = readlink("/modules/pass1", buf, sizeof(buf)-1)) != -1)
buf[len] = '\0';
References
[[ilja 06]]
[[Open Group 97]]
[[Open Group 04]]