diff options
Diffstat (limited to 'safepath.c')
| -rw-r--r-- | safepath.c | 10 |
1 files changed, 8 insertions, 2 deletions
@@ -248,11 +248,16 @@ int safepath_check(const char *name) goto free_out; } - if ((len = readlink(copy, link, sizeof link - 1)) < 0) { + if ((len = readlink(copy, link, sizeof link)) < 0) { ret = safepath_err(errno); goto free_out; } + if (len == sizeof link) { + ret = SAFEPATH_TOOLONG; + goto free_out; + } + link[len] = 0; /* Resolve the symlink, using two different cases based @@ -352,7 +357,8 @@ const char *safepath_strerr(int err) [SAFEPATH_NOTDIR] = "path contains non-directory component", [SAFEPATH_INVAL] = "path is syntactically invalid", [SAFEPATH_NOMEM] = "out of memory", - [SAFEPATH_LOOP] = "too many symlink resolutions" + [SAFEPATH_LOOP] = "too many symlink resolutions", + [SAFEPATH_TOOLONG] = "path component or symlink target too long" }; const char *ret = "SAFEPATH_BAD_ERROR_CODE"; |