Learn more about these different git repos.
Other Git URLs
126static errno_t 127remove_socket_symlink(const char *symlink_name) 128{ 129 errno_t ret; 130 char target[PATH_MAX]; 131 char pidpath[PATH_MAX]; 132 ssize_t numread = 0; 133 134 errno = 0; CID 11049: Readlink used insecurely (READLINK)Passing size argument "4096UL" implies readlink() can return up to "4096UL" bytes. Assigning: "numread" = readlink(). 135 numread = readlink(symlink_name, target, PATH_MAX); At conditional (1): "numread < 0L" taking the false branch. 136 if (numread < 0) { 137 ret = errno; 138 DEBUG(2, ("readlink failed [%d]: %s\n", ret, strerror(ret))); 139 return ret; 140 } "target[numread]" is essentially buffer[sizeof(buffer)] which is an off-by-one error. 141 target[numread] = '\0';
Fixed by: - 9acfdb1 (master) - c297ac5 (sssd-1-6) - d326eff (sssd-1-5)
patch: 0 => 1 resolution: => fixed status: new => closed
Fields changed
rhbz: => 0
Metadata Update from @sgallagh: - Issue assigned to jhrozek - Issue set to the milestone: SSSD 1.5.14
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2085
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.