Merge bitcoin/bitcoin#25548: gui: Check for readlink buffer overflow and handle gracefully

e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f Bugfix: Check for readlink buffer overflow and handle gracefully (Luke Dashjr) Pull request description: If readlink returns the size of the buffer, an overflow may have (safely) occurred. Pass a buffer size of MAX_PATH+1 (the size of the actual buffer) to detect this scenario. ACKs for top commit: hebasto: ACK e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f. Tree-SHA512: 188bace79cbe556efe7782e46b870c02729b07b104a9316b0f7d50013504972e85baf507403d2d6060bb2bf3e13f40d735bddd18255d97a60810208c3de87691
author: fanquake <fanquake@gmail.com> 2022-11-01 11:05:40 +0000
committer: fanquake <fanquake@gmail.com> 2022-11-01 11:09:17 +0000
commit: 5668ccec1d3785632caf4b74c1701019ecc88f41 (patch)
tree: 868751abc81b0e7ac97bd85f0539c0ce472ab398
parent: c041d8f2c950105cbba1a1280321ffb7f48316da (diff)
parent: e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/src/qt/guiutil.cpp b/src/qt/guiutil.cpp
index b9f0be41e3..6e88b57e08 100644
--- a/src/qt/guiutil.cpp
+++ b/src/qt/guiutil.cpp
@@ -615,9 +615,10 @@ bool SetStartOnSystemStartup(bool fAutoStart)
     else
     {
         char pszExePath[MAX_PATH+1];
-        ssize_t r = readlink("/proc/self/exe", pszExePath, sizeof(pszExePath) - 1);
-        if (r == -1)
+        ssize_t r = readlink("/proc/self/exe", pszExePath, sizeof(pszExePath));
+        if (r == -1 || r > MAX_PATH) {
             return false;
+        }
         pszExePath[r] = '\0';
 
         fs::create_directories(GetAutostartDir());
author	fanquake <fanquake@gmail.com>	2022-11-01 11:05:40 +0000
committer	fanquake <fanquake@gmail.com>	2022-11-01 11:09:17 +0000
commit	5668ccec1d3785632caf4b74c1701019ecc88f41 (patch)
tree	868751abc81b0e7ac97bd85f0539c0ce472ab398
parent	c041d8f2c950105cbba1a1280321ffb7f48316da (diff)
parent	e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f (diff)