From ae5193c24ee046c5b8197ce76838a2b2c0e05e01 Mon Sep 17 00:00:00 2001
From: "benchan@chromium.org"
 <benchan@chromium.org@4c0a9323-5329-0410-9bdc-e9ce6186880e>
Date: Wed, 21 Dec 2011 17:51:40 +0000
Subject: Replace readlink calls with a safer version that guarantees
 NULL-termination.

This patch is part of a bigger patch that helps merging the breakpad code
with the modified version in Chromium OS.

Specifically, this patch makes the following changes:
1. Add a SafeReadLink function that wraps sys_readlink() to resolve a
   symbolic link but guarantees the result is NULL-terminated on success.
2. Refactor other source code to use SafeReadLink instead of readlink()
   or sys_readlink().

BUG=455
TEST=Tested the following:
1. Build on 32-bit and 64-bit Linux with gcc 4.4.3 and gcc 4.6.
2. Build on Mac OS X 10.6.8 with gcc 4.2 and clang 3.0 (with latest gmock).
3. All unit tests pass.
4. Run minidump-2-core to covnert a minidump file to a core file.
Review URL: http://breakpad.appspot.com/334001

git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@896 4c0a9323-5329-0410-9bdc-e9ce6186880e
---
 src/client/linux/minidump_writer/linux_dumper.cc | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'src/client/linux/minidump_writer/linux_dumper.cc')

diff --git a/src/client/linux/minidump_writer/linux_dumper.cc b/src/client/linux/minidump_writer/linux_dumper.cc
index f4ab5b1f..a119abaf 100644
--- a/src/client/linux/minidump_writer/linux_dumper.cc
+++ b/src/client/linux/minidump_writer/linux_dumper.cc
@@ -57,6 +57,7 @@
 #include "common/linux/file_id.h"
 #include "common/linux/linux_libc_support.h"
 #include "common/linux/memory_mapped_file.h"
+#include "common/linux/safe_readlink.h"
 #include "third_party/lss/linux_syscall_support.h"
 
 static const char kMappedFileUnsafePrefix[] = "/dev/";
@@ -536,10 +537,8 @@ bool LinuxDumper::HandleDeletedFileInMapping(char* path) const {
   char exe_link[NAME_MAX];
   char new_path[NAME_MAX];
   BuildProcPath(exe_link, pid_, "exe");
-  ssize_t new_path_len = sys_readlink(exe_link, new_path, NAME_MAX);
-  if (new_path_len <= 0 || new_path_len == NAME_MAX)
+  if (!SafeReadLink(exe_link, new_path))
     return false;
-  new_path[new_path_len] = '\0';
   if (my_strcmp(path, new_path) != 0)
     return false;
 
-- 
cgit v1.2.1