From: Nickolai Zeldovich <kolya@mit.edu>
Date: Mon, 18 Mar 2002 03:24:10 +0000 (+0000)
Subject: Allocate the exact string length needed for the string in symlink
X-Git-Tag: openafs-stable-1_2_4~83
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=ddd09a73be1c25dc1d484b3487f970ce0ffffd16;p=packages%2Fo%2Fopenafs.git

Allocate the exact string length needed for the string in symlink
contents, rather than assuming that symlink data never contains
nulls (or that it's of the length we expect).


(cherry picked from commit 209f1c22577c2314a896de997bd7939fab2e3d52)
---

diff --git a/src/afs/VNOPS/afs_vnop_symlink.c b/src/afs/VNOPS/afs_vnop_symlink.c
index 4c9676723..3fe6c993b 100644
--- a/src/afs/VNOPS/afs_vnop_symlink.c
+++ b/src/afs/VNOPS/afs_vnop_symlink.c
@@ -224,7 +224,7 @@ afs_MemHandleLink(avc, areq)
      struct vrequest *areq;
   {
       register struct dcache *tdc;
-      register char *tp;
+      register char *tp, *rbuf;
       afs_int32 offset, len, alen;
       register afs_int32 code;
 
@@ -245,10 +245,14 @@ afs_MemHandleLink(avc, areq)
 	  }
 	  if (avc->m.Mode	& 0111)	alen = len+1;	/* regular link */
 	  else alen = len;			/* mt point */
-          tp = afs_osi_Alloc(alen); /* make room for terminating null */
+	  rbuf = (char *) osi_AllocLargeSpace(AFS_LRALLOCSIZ);
           addr = afs_MemCacheOpen(tdc->f.inode);
-          code = afs_MemReadBlk(addr, 0, tp, len);
-	  tp[alen-1] = 0;
+          code = afs_MemReadBlk(addr, 0, rbuf, len);
+	  rbuf[alen-1] = '\0';
+	  alen = strlen(rbuf) + 1;
+          tp = afs_osi_Alloc(alen); /* make room for terminating null */
+	  memcpy(tp, rbuf, alen);
+	  osi_FreeLargeSpace(rbuf);
 	  afs_PutDCache(tdc);
 	  if (code != len) {
 	      afs_osi_Free(tp, alen);
@@ -263,7 +267,7 @@ afs_UFSHandleLink(avc, areq)
     register struct vcache *avc;
     struct vrequest *areq; {
     register struct dcache *tdc;
-    register char *tp;
+    register char *tp, *rbuf;
     char *tfile;
     afs_int32 offset, len, alen;
     register afs_int32 code;
@@ -285,11 +289,15 @@ afs_UFSHandleLink(avc, areq)
 	tfile = osi_UFSOpen (tdc->f.inode);
 	if (avc->m.Mode	& 0111)	alen = len+1;	/* regular link */
 	else alen = len;			/* mt point */
-	tp = afs_osi_Alloc(alen);			/* make room for terminating null */
-	code = afs_osi_Read(tfile, -1, tp, len);
-	tp[alen-1] = 0;
+	rbuf = (char *) osi_AllocLargeSpace(AFS_LRALLOCSIZ);
+	code = afs_osi_Read(tfile, -1, rbuf, len);
+	rbuf[alen-1] = '\0';
 	osi_UFSClose(tfile);
 	afs_PutDCache(tdc);
+	alen = strlen(rbuf) + 1;
+	tp = afs_osi_Alloc(alen);	/* make room for terminating null */
+	memcpy(tp, rbuf, alen);
+	osi_FreeLargeSpace(rbuf);
 	if (code != len) {
 	    afs_osi_Free(tp, alen);
 	    return EIO;