NTFS: Account for null-termination of strings when checking buffer sizes.
May fix #18021.
This commit is contained in:
parent
bfd87e4cc1
commit
75b68ba59d
@ -1223,7 +1223,7 @@ fs_read_dir(fs_volume* _volume, fs_vnode* _node, void* _cookie,
|
|||||||
uint32 count = 0;
|
uint32 count = 0;
|
||||||
while (count < maxCount && bufferSize > sizeof(struct dirent)) {
|
while (count < maxCount && bufferSize > sizeof(struct dirent)) {
|
||||||
size_t length = bufferSize - offsetof(struct dirent, d_name);
|
size_t length = bufferSize - offsetof(struct dirent, d_name);
|
||||||
if (length < cookie->current->name_length) {
|
if (length < (cookie->current->name_length + 1)) {
|
||||||
// the remaining name buffer length is too small
|
// the remaining name buffer length is too small
|
||||||
if (count == 0)
|
if (count == 0)
|
||||||
return B_BUFFER_OVERFLOW;
|
return B_BUFFER_OVERFLOW;
|
||||||
|
Loading…
Reference in New Issue
Block a user