volser: Fix bad readlink usage

readlink fills the buffer passed to it with a non-terminated string.
It can legitimately fill the whole of this buffer. So, if we require
a string to be NUL terminated, we must give readlink one less than
the string length so that the termination character can be safely
appended.

Caught by coverity (#985611)

Change-Id: Ie6c651a9c0fd94d83bd05395204341d71e353146
Reviewed-on: http://gerrit.openafs.org/9290
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/volser/restorevol.c b/src/volser/restorevol.c
index 1da076f..653a6ac 100644 (file)
--- a/src/volser/restorevol.c
+++ b/src/volser/restorevol.c
@@ -720,7 +720,7 @@ ReadVNode(afs_int32 count)
                 */
                snprintf(linkname, sizeof linkname, "%s" OS_DIRSEP "%s%d",
                         parentdir, AFILE, vn.vnode);
-               len = readlink(linkname, fname, MAXNAMELEN);
+               len = readlink(linkname, fname, MAXNAMELEN - 1);
                if (len < 0) {
                    snprintf(filename, sizeof filename, "%s" OS_DIRSEP "%s%d",
                             rootdir, OFILE, vn.vnode);