Re: 2.1.20 ext2fs readlink bug+fix

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Jason Burrell: "Bizarre apparent X11-hardware interaction"
• Previous message: tytso@mit.edu: "Re: signing a filesystem"
• In reply to: Greg Alexander: "Re: Since no one else has stepped forward: 'ZeroD' patch"

> In Linux kernel 2.1.20, readlink() on an ext2 file system returns one plus the
> length of the link target. Previous kernels and other UNIXes I've checked
> return exactly the length of the link target.
>
> Here's a patch to revert to the original behavior:
>
> --- linux/fs/ext2/symlink.c.orig Fri Jan 3 21:19:25 1997
> +++ linux/fs/ext2/symlink.c Sun Jan 5 01:18:10 1997
> @@ -124,7 +124,7 @@
> link = (char *) inode->u.ext2_i.i_data;
>
> /* XXX I hope link is always '\0'-terminated. */
> - i = strlen(link)+1;
> + i = strlen(link);
> if (i > buflen)
> i = buflen;
> if (copy_to_user(buffer, link, i))

On a totally unrelated note, I see a big EEK (or aiee, depending on your
preferences) here. /* XXX I hope link is always '\0'-terminated. */ You
can hope it all you want, but if your disk gets corrupted, it's not gonna
be true. Before doing strlen on it, you should put a null as the last
byte in the array (unless it's dynamic, in which case we might be kinda
screwed).

Greg Alexander
http://www.cia-g.com/~sietch/

• Next message: Jason Burrell: "Bizarre apparent X11-hardware interaction"
• Previous message: tytso@mit.edu: "Re: signing a filesystem"
• In reply to: Greg Alexander: "Re: Since no one else has stepped forward: 'ZeroD' patch"