From 5e058dfcc0ff0d945107d7318eef94db9fdea8b2 Mon Sep 17 00:00:00 2001 From: Tom Rix Date: Tue, 19 May 2020 09:10:09 -0400 Subject: [PATCH] Fix possible buffer overflow readlink returns the number of bytes written. If that fills the buffer, then the NULL assignment will overflow. Reduce the buffer size parameter in readlink by 1 to ensure there is space for the NULL. Signed-off-by: Tom Rix --- opae-libs/plugins/xfpga/sysfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/opae-libs/plugins/xfpga/sysfs.c b/opae-libs/plugins/xfpga/sysfs.c index d82db4e3..bf7e3b3d 100644 --- a/opae-libs/plugins/xfpga/sysfs.c +++ b/opae-libs/plugins/xfpga/sysfs.c @@ -1793,7 +1793,7 @@ fpga_result sysfs_sbdf_from_path(const char *sysfspath, int *s, int *b, int *d, char rlpath[SYSFS_PATH_MAX]; char *p; - res = readlink(sysfspath, rlpath, sizeof(rlpath)); + res = readlink(sysfspath, rlpath, sizeof(rlpath)-1); if (-1 == res) { OPAE_MSG("Can't read link %s (no driver?)", sysfspath); return FPGA_NO_DRIVER; -- 2.18.2