From ecd42de2c56b4fcf0069b8b4a4d6607710e5de61 Mon Sep 17 00:00:00 2001 From: David Zeuthen Date: Tue, 2 Mar 2010 17:06:33 -0500 Subject: [PATCH] Decrease buffer size when advancing past NUL byte Otherwise we'll overflow the buffer if space is tight. Also add a comment explaining this. Signed-off-by: David Zeuthen --- libudev/libudev-device.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libudev/libudev-device.c b/libudev/libudev-device.c index 71fc7752..4f42aa28 100644 --- a/libudev/libudev-device.c +++ b/libudev/libudev-device.c @@ -1166,7 +1166,9 @@ static int update_envp_monitor_buf(struct udev_device *udev_device) l = util_strpcpyl(&s, l, key, "=", udev_list_entry_get_value(list_entry), NULL); if (l == 0) return -EINVAL; + /* advance past the trailing '\0' that util_strpcpyl() guarantees */ s++; + l--; } udev_device->envp[i] = NULL; udev_device->monitor_buf_len = s - udev_device->monitor_buf; -- 2.39.5