According to the readlink(const char *filename, char *buffer, size_t size); documentation, the terminating '\0' is not written in the buffer. As the buffer that is passed to this API is not initialized, this can lead to working with not null-terminated string. The problem was detected by valgrind. Signed-off-by: Tzvetomir Stoyanov (VMware) <tz.stoyanov@xxxxxxxxx> --- lib/trace-cmd/trace-plugin.c | 1 + lib/trace-cmd/trace-util.c | 1 + 2 files changed, 2 insertions(+) diff --git a/lib/trace-cmd/trace-plugin.c b/lib/trace-cmd/trace-plugin.c index 6bec18bc..92f9edf3 100644 --- a/lib/trace-cmd/trace-plugin.c +++ b/lib/trace-cmd/trace-plugin.c @@ -199,6 +199,7 @@ static char *get_source_plugins_dir(void) if (ret > PATH_MAX || ret < 0) return NULL; + path[ret] = 0; dirname(path); p = strrchr(path, '/'); if (!p) diff --git a/lib/trace-cmd/trace-util.c b/lib/trace-cmd/trace-util.c index 04dc804c..0ead96ea 100644 --- a/lib/trace-cmd/trace-util.c +++ b/lib/trace-cmd/trace-util.c @@ -269,6 +269,7 @@ static char *get_source_plugins_dir(void) if (ret > PATH_MAX || ret < 0) return NULL; + path[ret] = 0; dirname(path); p = strrchr(path, '/'); if (!p) -- 2.25.1
|