Reimplement reverted commit 7fa35c to fix readlink() issues

Original implementation: Commit: 7fa35cA dtfile: coverity CIDs 88363,88405,89140,89612; insecure readlink That commit caused dtfile to be unable to resolve symbolic links and was later reverted. This commit reimplements the fixes correctly, and should hopefully still resolve the coverity issues as well.
2018-04-10 19:05:56 -06:00
parent 10468068ac
commit 56b53a30a1
3 changed files with 11 additions and 8 deletions
--- a/cde/programs/dtfile/SharedProcs.c
+++ b/cde/programs/dtfile/SharedProcs.c
@@ -234,9 +234,9 @@ _DtFollowLink (

   strcpy(file, path);

-   while ((link_len = readlink(file, link_path, MAXPATHLEN)) > 0)
+   while ((link_len = readlink(file, link_path, MAXPATHLEN - 1)) > 0)
   {
-      link_path[link_len] = '\0';
+      link_path[link_len] = 0;

      /* Force the link to be an absolute path, if necessary */
      if (link_path[0] != '/')