summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJarkko Hietaniemi <jhi@iki.fi>2014-07-26 09:42:30 -0400
committerJarkko Hietaniemi <jhi@iki.fi>2014-07-27 20:38:06 -0400
commit51b468f688a3660c4842b9e634c5fe58a2196307 (patch)
tree1ecd53f2ee6985ec0e0e30d02b4773e953514084
parentce5b0b849c4a3e4d77dc60096ae4170609a81644 (diff)
downloadperl-51b468f688a3660c4842b9e634c5fe58a2196307.tar.gz
readlink() result buffer is not zero-terminated.
Therefore, as an extra paranoia step, zero-terminate the readlink result buffer even before the result SV is created. Also, readlink returns SSize_t, not int.
-rw-r--r--caretx.c8
-rw-r--r--pp_sys.c6
2 files changed, 12 insertions, 2 deletions
diff --git a/caretx.c b/caretx.c
index bf5ba85503..dffa445b3b 100644
--- a/caretx.c
+++ b/caretx.c
@@ -99,7 +99,13 @@ Perl_set_caret_X(pTHX) {
}
# elif defined(HAS_PROCSELFEXE)
char buf[MAXPATHLEN];
- int len = readlink(PROCSELFEXE_PATH, buf, sizeof(buf) - 1);
+ Ssize_t len = readlink(PROCSELFEXE_PATH, buf, sizeof(buf) - 1);
+ /* NOTE: if the length returned by readlink() is sizeof(buf) - 1,
+ * it is impossible to know whether the result was truncated. */
+
+ if (len != -1) {
+ buf[len] = '\0';
+ }
/* On Playstation2 Linux V1.0 (kernel 2.2.1) readlink(/proc/self/exe)
includes a spurious NUL which will cause $^X to fail in system
diff --git a/pp_sys.c b/pp_sys.c
index 501146e3c6..e01cf487a3 100644
--- a/pp_sys.c
+++ b/pp_sys.c
@@ -3671,13 +3671,17 @@ PP(pp_readlink)
dTARGET;
const char *tmps;
char buf[MAXPATHLEN];
- int len;
+ SSize_t len;
TAINT;
tmps = POPpconstx;
+ /* NOTE: if the length returned by readlink() is sizeof(buf) - 1,
+ * it is impossible to know whether the result was truncated. */
len = readlink(tmps, buf, sizeof(buf) - 1);
if (len < 0)
RETPUSHUNDEF;
+ if (len != -1)
+ buf[len] = '\0';
PUSHp(buf, len);
RETURN;
#else