From 3eed6a6f0a400763313bc5dca6e3b22a75166dbe Mon Sep 17 00:00:00 2001 From: Érico Nogueira Date: Sat, 10 Jul 2021 00:24:59 -0300 Subject: fix error checking in pthread_getname_np len is unsigned and can never be smaller than 0. though unlikely, an error in read() would have lead to an out of bounds write to name. Reported-by: Michael Forney --- src/thread/pthread_getname_np.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/thread/pthread_getname_np.c b/src/thread/pthread_getname_np.c index 48d1a294..85504e45 100644 --- a/src/thread/pthread_getname_np.c +++ b/src/thread/pthread_getname_np.c @@ -17,7 +17,7 @@ int pthread_getname_np(pthread_t thread, char *name, size_t len) snprintf(f, sizeof f, "/proc/self/task/%d/comm", thread->tid); pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs); - if ((fd = open(f, O_RDONLY|O_CLOEXEC)) < 0 || (len = read(fd, name, len)) < 0) status = errno; + if ((fd = open(f, O_RDONLY|O_CLOEXEC)) < 0 || (len = read(fd, name, len)) == -1) status = errno; else name[len-1] = 0; /* remove trailing new line only if successful */ if (fd >= 0) close(fd); pthread_setcancelstate(cs, 0); -- cgit 1.4.1