From e925018786d85fb3aed3b62a0a89309f9a7d5e4f Mon Sep 17 00:00:00 2001
From: Mathias Nyman <mathias.nyman@nokia.com>
Date: Wed, 21 Apr 2010 13:52:52 +0300
Subject: [PATCH] remove buffer-overrun risk in readlink call

readlink does not write a nul character to the end of the
string it returns. Therefore ask for one fewer character
than the buffer size so there's always room for an extra \0.

Signed-off-by: Mathias Nyman <mathias.nyman@nokia.com>
Signed-off-by: Phil Carmody <ext-phil.2.carmody@nokia.com>
Signed-off-by: Martin Pitt <martin.pitt@ubuntu.com>
---
 udev/udev-node.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/udev/udev-node.c b/udev/udev-node.c
index 2a2c2cf0b..ceb1d52ea 100644
--- a/udev/udev-node.c
+++ b/udev/udev-node.c
@@ -163,7 +163,7 @@ static int node_symlink(struct udev *udev, const char *node, const char *slink)
 			int len;
 
 			dbg(udev, "found existing symlink '%s'\n", slink);
-			len = readlink(slink, buf, sizeof(buf));
+			len = readlink(slink, buf, sizeof(buf) - 1);
 			if (len > 0) {
 				buf[len] = '\0';
 				if (strcmp(target, buf) == 0) {
-- 
2.30.2