From: Jon Trulson Date: Sun, 1 Apr 2018 19:43:48 +0000 (-0600) Subject: dtfile: coverity CIDs 88363,88405,89140,89612; insecure readlink X-Git-Tag: 2.2.4a~151 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7fa35c29c4559ce8b4ca4d4b5f0216a5305bb6ea;p=oweals%2Fcde.git dtfile: coverity CIDs 88363,88405,89140,89612; insecure readlink --- diff --git a/cde/programs/dtfile/Directory.c b/cde/programs/dtfile/Directory.c index f1113c71..460e3df7 100644 --- a/cde/programs/dtfile/Directory.c +++ b/cde/programs/dtfile/Directory.c @@ -825,7 +825,7 @@ ReadFileData( { while ((link_len = readlink(link_file_name, link_path, MAX_PATH)) > 0) { - link_path[link_len] = '\0'; + link_path[link_len-1] = 0; link_list = (char **)XtRealloc((char *)link_list, sizeof(char *) * (link_count + 2)); @@ -1071,7 +1071,7 @@ ReadFileData2( { while ((link_len = readlink(link_file_name, link_path, MAX_PATH)) > 0) { - link_path[link_len] = NILL; + link_path[link_len - 1] = 0; link_list = (char **)XtRealloc((char *)link_list, sizeof(char *) * (link_count + 2)); diff --git a/cde/programs/dtfile/SharedProcs.c b/cde/programs/dtfile/SharedProcs.c index 51a10554..63b7c115 100644 --- a/cde/programs/dtfile/SharedProcs.c +++ b/cde/programs/dtfile/SharedProcs.c @@ -236,7 +236,7 @@ _DtFollowLink ( while ((link_len = readlink(file, link_path, MAXPATHLEN)) > 0) { - link_path[link_len] = '\0'; + link_path[link_len-1] = 0; /* Force the link to be an absolute path, if necessary */ if (link_path[0] != '/') diff --git a/cde/programs/dtfile/dtcopy/fsrtns.c b/cde/programs/dtfile/dtcopy/fsrtns.c index 5532aca2..4956d5ae 100644 --- a/cde/programs/dtfile/dtcopy/fsrtns.c +++ b/cde/programs/dtfile/dtcopy/fsrtns.c @@ -187,7 +187,7 @@ CopyLink(char *sourceP, char *targetP, int repl, struct stat *statP) } while (l < 0 && errno == EINTR); if (l < 0) return errno; - buf[l] = 0; + buf[l-1] = 0; if (symlink(buf, targetP) == 0) return 0; else if (errno != EEXIST || !repl)