locking: don't try to read more bytes than the buffer can hold

A normal lock file is apparently 1024 bytes in size, so the second attempt at reading bytes from the file would try to read 8192 more bytes into a buffer that has room for only 7168 left. According to valgrind, the read() function doesn't like that -- and true: if for some reason the lock file had suddenly expanded, the buffer would overflow. This fixes https://savannah.gnu.org/bugs/?47156.

locking: don't try to read more bytes than the buffer can hold
A normal lock file is apparently 1024 bytes in size, so the second attempt at reading bytes from the file would try to read 8192 more bytes into a buffer that has room for only 7168 left. According to valgrind, the read() function doesn't like that -- and true: if for some reason the lock file had suddenly expanded, the buffer would overflow. This fixes https://savannah.gnu.org/bugs/?47156.
2faad123 · Benno Schulenberg · bfe418fe · 2faad123
Commit 2faad123 authored 8 years ago by Benno Schulenberg
Hide whitespace changes
Inline Side-by-side

Showing

with 5 additions and 3 deletions
+5 -3
--- a/src/files.c
+++ b/src/files.c
@@ -32,6 +32,8 @@
 #include <pwd.h>
 #include <libgen.h>
+#define LOCKBUFSIZE 8192
 /* Verify that the containing directory of the given filename exists. */
 bool has_valid_path(const char *filename)
 {
@@ -337,11 +339,11 @@ int do_lockfile(const char *filename)
 	    goto free_the_name;
 	}
-	lockbuf = charalloc(8192);
+	lockbuf = charalloc(LOCKBUFSIZE);
 	do {
-	    readamt = read(lockfd, &lockbuf[readtot], BUFSIZ);
+	    readamt = read(lockfd, &lockbuf[readtot], LOCKBUFSIZE - readtot);
 	    readtot += readamt;
-	} while (readtot < 8192 && readamt > 0);
+	} while (readamt > 0 && readtot < LOCKBUFSIZE);
 	if (readtot < 48) {
 	    statusbar(_("Error reading lock file %s: Not enough data read"),