From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-96213-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 14013 invoked by alias); 26 Nov 2012 14:20:52 -0000
Received: (qmail 14005 invoked by uid 22791); 26 Nov 2012 14:20:50 -0000
X-SWARE-Spam-Status: No, hits=-7.1 required=5.0	tests=AWL,BAYES_00,KHOP_RCVD_UNTRUST,RCVD_IN_DNSWL_HI,RCVD_IN_HOSTKARMA_W,RP_MATCHES_RCVD,SPF_HELO_PASS
X-Spam-Check-By: sourceware.org
Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28)    by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Mon, 26 Nov 2012 14:20:43 +0000
Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id qAQEKckK017464	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);	Mon, 26 Nov 2012 09:20:39 -0500
Received: from brno.lan (ovpn01.gateway.prod.ext.ams2.redhat.com [10.39.146.11])	by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id qAQEKb2n021339;	Mon, 26 Nov 2012 09:20:37 -0500
Subject: [PATCH] Fix readlink calls in GDB
To: gdb-patches@sourceware.org
From: Pedro Alves <palves@redhat.com>
Cc: rustyBSD@gmx.fr
Date: Mon, 26 Nov 2012 14:20:00 -0000
Message-ID: <20121126142036.10142.97678.stgit@brno.lan>
User-Agent: StGit/0.16
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
X-SW-Source: 2012-11/txt/msg00651.txt.bz2

This is largely based on a patch Maxime sent me, to fix readlink calls
in GDB.

Several readlink calls in gdb are wrong.  readlink doesn't append the
terminating nul, so if we're going to need to do that, we need to pass
'sizeof (buf) - 1' as buffer size.

See:

https://www.securecoding.cert.org/confluence/display/seccode/POS30-C.+Use+the+readlink%28%29+function+properly

Tested on x86_64 Fedora 17, and checked in.

gdb/
2012-11-26  Maxime Villard  <rustyBSD@gmx.fr>
	    Pedro Alves  <palves@redhat.com>

	* common/linux-osdata.c (linux_xfer_osdata_fds): Decrease buffer
	size parameter passed to readlink by one byte.
	* fbsd-nat.c (fbsd_pid_to_exec_file): Ditto.
	* linux-nat.c (linux_child_pid_to_exec_file): Ditto.
	* nbsd-nat.c (nbsd_pid_to_exec_file): Ditto.
	* inf-child.c (inf_child_fileio_readlink): Decrease local buffer's
	size by one byte.

gdb/gdbserver/
2012-11-26  Maxime Villard  <rustyBSD@gmx.fr>

	* hostio.c (handle_readlink): Decrease buffer size
	parameter passed to readlink by one byte.
---
 gdb/common/linux-osdata.c |    2 +-
 gdb/fbsd-nat.c            |    2 +-
 gdb/gdbserver/hostio.c    |    2 +-
 gdb/inf-child.c           |    2 +-
 gdb/linux-nat.c           |    2 +-
 gdb/nbsd-nat.c            |    2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/gdb/common/linux-osdata.c b/gdb/common/linux-osdata.c
index d54f9d3..b275495 100644
--- a/gdb/common/linux-osdata.c
+++ b/gdb/common/linux-osdata.c
@@ -737,7 +737,7 @@ linux_xfer_osdata_fds (gdb_byte *readbuf,
 			    continue;
 
 			  fdname = xstrprintf ("%s/%s", pathname, dp2->d_name);
-			  rslt = readlink (fdname, buf, 1000);
+			  rslt = readlink (fdname, buf, sizeof (buf) - 1);
 			  if (rslt >= 0)
 			    buf[rslt] = '\0';
 
diff --git a/gdb/fbsd-nat.c b/gdb/fbsd-nat.c
index 254a01a..5eaecdd 100644
--- a/gdb/fbsd-nat.c
+++ b/gdb/fbsd-nat.c
@@ -55,7 +55,7 @@ fbsd_pid_to_exec_file (int pid)
 #endif
 
   path = xstrprintf ("/proc/%d/file", pid);
-  if (readlink (path, buf, MAXPATHLEN) == -1)
+  if (readlink (path, buf, MAXPATHLEN - 1) == -1)
     {
       xfree (buf);
       buf = NULL;
diff --git a/gdb/gdbserver/hostio.c b/gdb/gdbserver/hostio.c
index 72e334c..e89e100 100644
--- a/gdb/gdbserver/hostio.c
+++ b/gdb/gdbserver/hostio.c
@@ -483,7 +483,7 @@ handle_readlink (char *own_buf, int *new_packet_len)
       return;
     }
 
-  ret = readlink (filename, linkname, sizeof linkname);
+  ret = readlink (filename, linkname, sizeof (linkname) - 1);
   if (ret == -1)
     {
       hostio_error (own_buf);
diff --git a/gdb/inf-child.c b/gdb/inf-child.c
index ae2dd1e..3530e75 100644
--- a/gdb/inf-child.c
+++ b/gdb/inf-child.c
@@ -346,7 +346,7 @@ inf_child_fileio_readlink (const char *filename, int *target_errno)
   /* We support readlink only on systems that also provide a compile-time
      maximum path length (MAXPATHLEN), at least for now.  */
 #if defined (HAVE_READLINK) && defined (MAXPATHLEN)
-  char buf[MAXPATHLEN];
+  char buf[MAXPATHLEN - 1];
   int len;
   char *ret;
 
diff --git a/gdb/linux-nat.c b/gdb/linux-nat.c
index 45f7e24..f5ca977 100644
--- a/gdb/linux-nat.c
+++ b/gdb/linux-nat.c
@@ -4319,7 +4319,7 @@ linux_child_pid_to_exec_file (int pid)
   memset (name2, 0, MAXPATHLEN);
 
   sprintf (name1, "/proc/%d/exe", pid);
-  if (readlink (name1, name2, MAXPATHLEN) > 0)
+  if (readlink (name1, name2, MAXPATHLEN - 1) > 0)
     return name2;
   else
     return name1;
diff --git a/gdb/nbsd-nat.c b/gdb/nbsd-nat.c
index 14b562f..7f5df66 100644
--- a/gdb/nbsd-nat.c
+++ b/gdb/nbsd-nat.c
@@ -34,7 +34,7 @@ nbsd_pid_to_exec_file (int pid)
   char *path;
 
   path = xstrprintf ("/proc/%d/exe", pid);
-  if (readlink (path, buf, MAXPATHLEN) == -1)
+  if (readlink (path, buf, MAXPATHLEN - 1) == -1)
     {
       xfree (buf);
       buf = NULL;