update_walk: fix unsafe readlink() usage

27535a7f · Max Kellermann · acaa7254 · 27535a7f · 27535a7f
Commit 27535a7f authored Sep 03, 2012 by Max Kellermann
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 2 deletions

NEWS NEWS +1 -0

update_walk.c src/update_walk.c +10 -2

No files found.
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,7 @@ ver 0.17.2 (2012/??/??)
 * playlist: fix memory leak
 * state_file: save song priorities
 * player: disable cross-fading in "single" mode
+* update: fix unsafe readlink() usage


 ver 0.17.1 (2012/07/31)

--- a/src/update_walk.c
+++ b/src/update_walk.c
@@ -283,12 +283,20 @@ skip_symlink(const struct directory *directory, const char *utf8_name)
 		return true;

 	char buffer[MPD_PATH_MAX];
-	ssize_t ret = readlink(path_fs, buffer, sizeof(buffer));
+	ssize_t length = readlink(path_fs, buffer, sizeof(buffer));
 	g_free(path_fs);
-	if (ret < 0)
+	if (length < 0)
 		/* don't skip if this is not a symlink */
 		return errno != EINVAL;

+	if ((size_t)length >= sizeof(buffer))
+		/* skip symlinks when the buffer is too small for the
+		   link target */
+		return true;
+
+	/* null-terminate the buffer, because readlink() will not */
+	buffer[length] = 0;
+
 	if (!follow_inside_symlinks && !follow_outside_symlinks) {
 		/* ignore all symlinks */
 		return true;