diff options
| author | fanquake <fanquake@gmail.com> | 2022-11-01 11:05:40 +0000 |
|---|---|---|
| committer | fanquake <fanquake@gmail.com> | 2022-11-01 11:09:17 +0000 |
| commit | 5668ccec1d3785632caf4b74c1701019ecc88f41 (patch) | |
| tree | 868751abc81b0e7ac97bd85f0539c0ce472ab398 /src | |
| parent | c041d8f2c950105cbba1a1280321ffb7f48316da (diff) | |
| parent | e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f (diff) | |
| download | bitcoin-5668ccec1d3785632caf4b74c1701019ecc88f41.tar.xz | |
Merge bitcoin/bitcoin#25548: gui: Check for readlink buffer overflow and handle gracefully
e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f Bugfix: Check for readlink buffer overflow and handle gracefully (Luke Dashjr)
Pull request description:
If readlink returns the size of the buffer, an overflow may have (safely) occurred.
Pass a buffer size of MAX_PATH+1 (the size of the actual buffer) to detect this scenario.
ACKs for top commit:
hebasto:
ACK e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f.
Tree-SHA512: 188bace79cbe556efe7782e46b870c02729b07b104a9316b0f7d50013504972e85baf507403d2d6060bb2bf3e13f40d735bddd18255d97a60810208c3de87691
Diffstat (limited to 'src')
| -rw-r--r-- | src/qt/guiutil.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/qt/guiutil.cpp b/src/qt/guiutil.cpp index b9f0be41e3..6e88b57e08 100644 --- a/src/qt/guiutil.cpp +++ b/src/qt/guiutil.cpp @@ -615,9 +615,10 @@ bool SetStartOnSystemStartup(bool fAutoStart) else { char pszExePath[MAX_PATH+1]; - ssize_t r = readlink("/proc/self/exe", pszExePath, sizeof(pszExePath) - 1); - if (r == -1) + ssize_t r = readlink("/proc/self/exe", pszExePath, sizeof(pszExePath)); + if (r == -1 || r > MAX_PATH) { return false; + } pszExePath[r] = '\0'; fs::create_directories(GetAutostartDir()); |