From abbb73d0893e2daf4a06339f581cbe7dc752260f Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Thu, 17 May 2001 03:14:57 +0000
Subject:    - markus@cvs.openbsd.org 2001/05/12 19:53:13      [sftp-server.c] 
     readlink does not NULL-terminate; mhe@home.se

---
 ChangeLog     | 8 +++++++-
 sftp-server.c | 7 ++++---
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5148f2613..19e66029a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+20010517
+ - OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2001/05/12 19:53:13
+     [sftp-server.c]
+     readlink does not NULL-terminate; mhe@home.se
+
 20010512
  - OpenBSD CVS Sync
    - markus@cvs.openbsd.org 2001/05/11 14:59:56
@@ -5402,4 +5408,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1218 2001/05/12 16:50:50 mouring Exp $
+$Id: ChangeLog,v 1.1219 2001/05/17 03:14:57 mouring Exp $
diff --git a/sftp-server.c b/sftp-server.c
index 75c19c8a6..1cbd1847c 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.25 2001/04/05 10:42:53 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.26 2001/05/12 19:53:13 markus Exp $");
 
 #include "buffer.h"
 #include "bufaux.h"
@@ -883,18 +883,19 @@ void
 process_readlink(void)
 {
 	u_int32_t id;
+	int len;
 	char link[MAXPATHLEN];
 	char *path;
 
 	id = get_int();
 	path = get_string(NULL);
 	TRACE("readlink id %d path %s", id, path);
-	if (readlink(path, link, sizeof(link) - 1) == -1)
+	if ((len = readlink(path, link, sizeof(link) - 1)) == -1)
 		send_status(id, errno_to_portable(errno));
 	else {
 		Stat s;
 		
-		link[sizeof(link) - 1] = '\0';
+		link[len] = '\0';
 		attrib_clear(&s.attrib);
 		s.name = s.long_name = link;
 		send_names(id, 1, &s);
-- 
cgit v1.2.3