In open_binary_fd: when using buffer size for strl* and snprintf,

always use >= instead of > to avoid truncation. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D11474 MFC after: 3 days
svn path=/head/; revision=320665
2017-07-05 06:12:21 +00:00 · 2017-07-05 06:12:21 +00:00 · 2bbd226f5a · 2020-12-20 02:59:44 +00:00
commit 2bbd226f5a
parent e7df11b869
1 changed files with 3 additions and 3 deletions
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@ -5300,14 +5300,14 @@ open_binary_fd(const char *argv0, bool search_in_path)
 		fd = -1;
 		errno = ENOENT;
 		while ((pe = strsep(&pathenv, ":")) != NULL) {
-			if (strlcpy(binpath, pe, sizeof(binpath)) >
+			if (strlcpy(binpath, pe, sizeof(binpath)) >=
 			    sizeof(binpath))
 				continue;
 			if (binpath[0] != '\0' &&
-			    strlcat(binpath, "/", sizeof(binpath)) >
+			    strlcat(binpath, "/", sizeof(binpath)) >=
 			    sizeof(binpath))
 				continue;
-			if (strlcat(binpath, argv0, sizeof(binpath)) >
+			if (strlcat(binpath, argv0, sizeof(binpath)) >=
 			    sizeof(binpath))
 				continue;
 			fd = open(binpath, O_RDONLY | O_CLOEXEC | O_VERIFY);