volser: Fix bad readlink usage

readlink fills the buffer passed to it with a non-terminated string.
It can legitimately fill the whole of this buffer. So, if we require
a string to be NUL terminated, we must give readlink one less than
the string length so that the termination character can be safely
appended.

Caught by coverity (#985611)

Reviewed-on: http://gerrit.openafs.org/9290
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ddc37043351056c402158610477312f0d7d01c13)

Change-Id: Ic3aa9f767b3dce988e32ce670763791f17e72aa2
Reviewed-on: http://gerrit.openafs.org/11017
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

diff --git a/src/volser/restorevol.c b/src/volser/restorevol.c
index 86d720edcd48d949c6ac5d2ebc1bea583f1ce1dd..003f3196f88a6321ae1a0f08b2e55481cf83ea29 100644 (file)
--- a/src/volser/restorevol.c
+++ b/src/volser/restorevol.c
@@ -728,7 +728,7 @@ ReadVNode(afs_int32 count)
                 */
                afs_snprintf(linkname, sizeof linkname, "%s" OS_DIRSEP "%s%d", parentdir,
                             AFILE, vn.vnode);
-               len = readlink(linkname, fname, MAXNAMELEN);
+               len = readlink(linkname, fname, MAXNAMELEN - 1);
                if (len < 0) {
                    afs_snprintf(filename, sizeof filename, "%s" OS_DIRSEP "%s%d",
                                 rootdir, OFILE, vn.vnode);