From df7c431d0b0942e949e6d0f0f81ab98a3668ec6e Mon Sep 17 00:00:00 2001 From: Vincent Penquerc'h Date: Mon, 30 Dec 2013 04:48:52 -0500 Subject: [PATCH] qfile-utils: do not write a random extra byte readlink(2) does not write a terminating NUL, and the read side will already place a NUL after whatever it receives. While it seems odd that this would be buggy (ie, synlinks on the ohter side would be pointing to the wrong filename, though I guess if we're lucky and the stack had a 0 byte at the right place, symlink(2) would do what was expected), my reading of the code tells me this patch is right. Needs testing to double check. --- qubes-rpc/qfile-utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/qubes-rpc/qfile-utils.c b/qubes-rpc/qfile-utils.c index 2769bea..1dd2286 100644 --- a/qubes-rpc/qfile-utils.c +++ b/qubes-rpc/qfile-utils.c @@ -175,9 +175,9 @@ int single_file_processor(const char *filename, const struct stat *st) char name[st->st_size + 1]; if (readlink(filename, name, sizeof(name)) != st->st_size) gui_fatal("readlink %s", filename); - hdr.filelen = st->st_size + 1; + hdr.filelen = st->st_size; write_headers(&hdr, filename); - if (!write_all_with_crc(1, name, st->st_size + 1)) { + if (!write_all_with_crc(1, name, st->st_size)) { set_block(0); wait_for_result(); exit(1);