Bugfix: Check for readlink buffer overflow and handle gracefully

If readlink returns the size of the buffer, an overflow may have (safely) occurred. Pass a buffer size of MAX_PATH+1 (the size of the actual buffer) to detect this scenario.
author: Luke Dashjr <luke-jr+git@utopios.org> 2022-07-05 23:41:38 +0000
committer: Luke Dashjr <luke-jr+git@utopios.org> 2022-07-05 23:44:18 +0000
commit: e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f (patch)
tree: be3574b3874d9a101029a212bc5c81880a3d5ded /src/qt/guiutil.cpp
parent: 9d9c4185fadaf243bb97c226e2fef16b65299699 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/src/qt/guiutil.cpp b/src/qt/guiutil.cpp
index 558d4f108c..cb8be5b9ba 100644
--- a/src/qt/guiutil.cpp
+++ b/src/qt/guiutil.cpp
@@ -743,9 +743,10 @@ bool SetStartOnSystemStartup(bool fAutoStart)
     else
     {
         char pszExePath[MAX_PATH+1];
-        ssize_t r = readlink("/proc/self/exe", pszExePath, sizeof(pszExePath) - 1);
-        if (r == -1)
+        ssize_t r = readlink("/proc/self/exe", pszExePath, sizeof(pszExePath));
+        if (r == -1 || r > MAX_PATH) {
             return false;
+        }
         pszExePath[r] = '\0';
 
         fs::create_directories(GetAutostartDir());
author	Luke Dashjr <luke-jr+git@utopios.org>	2022-07-05 23:41:38 +0000
committer	Luke Dashjr <luke-jr+git@utopios.org>	2022-07-05 23:44:18 +0000
commit	e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f (patch)
tree	be3574b3874d9a101029a212bc5c81880a3d5ded /src/qt/guiutil.cpp
parent	9d9c4185fadaf243bb97c226e2fef16b65299699 (diff)