NTFS: Account for null-termination of strings when checking buffer sizes.

May fix #18021.
Augustin Cavalier 2022-10-28 12:26:35 -04:00
parent bfd87e4cc1
commit 75b68ba59d


@ -1223,7 +1223,7 @@ fs_read_dir(fs_volume* _volume, fs_vnode* _node, void* _cookie,
uint32 count = 0; uint32 count = 0;
while (count < maxCount && bufferSize > sizeof(struct dirent)) { while (count < maxCount && bufferSize > sizeof(struct dirent)) {
size_t length = bufferSize - offsetof(struct dirent, d_name); size_t length = bufferSize - offsetof(struct dirent, d_name);
if (length < cookie->current->name_length) { if (length < (cookie->current->name_length + 1)) {
// the remaining name buffer length is too small // the remaining name buffer length is too small
if (count == 0) if (count == 0)
return B_BUFFER_OVERFLOW; return B_BUFFER_OVERFLOW;
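Review bot: The new bound in `if (length < (cookie->current->name_length + 1))` carries no comment saying the extra byte is for the terminating NUL, and the comment under it still reads as if only the name has to fit. I would add `// the name and its terminating NUL must both fit in what is left of the buffer`. The comparison could also be written `if (length <= cookie->current->name_length) {`, which states the same bound without the addition and cannot wrap if `name_length` is as wide as `size_t` (its declaration is not visible here). The name copy and the record-length and `bufferSize` accounting come after this hunk in `fs_read_dir`, so it is worth confirming they reserve the same extra byte. Otherwise the check and the write could still disagree.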