chris...@astron.com (Christos Zoulas) wrote: > In article <52713dff.2000...@m00nbsd.net>, > Maxime Villard <m...@m00nbsd.net> wrote: > >Hi, > >I have a question regarding the function tmpfs_alloc_node() in > >fs/tmpfs/tmpfs_subr.c. When alloc'ing the area for symlinks, > >there's this code: > > > >l.171 > > nnode->tn_size = strlen(target); > > if (nnode->tn_size == 0) { > > nnode->tn_spec.tn_lnk.tn_link = NULL; > > break; > > } > > nnode->tn_spec.tn_lnk.tn_link = > > tmpfs_strname_alloc(tmp, nnode->tn_size); > > if (nnode->tn_spec.tn_lnk.tn_link == NULL) { > > tmpfs_node_put(tmp, nnode); > > return ENOSPC; > > } > > memcpy(nnode->tn_spec.tn_lnk.tn_link, target, nnode->tn_size); > > > >Only strlen(target) bytes are allocated for 'target', and only > >strlen(target) bytes are copied from 'target' to 'tn_link'. > > > >Why isn't the '\0' taken into account? Is this intentional? > > I don't think it is from a quick reading. The only reason it works, > is because most of the time it rounds up.
It is not a bug, but it is potentially error-prone. I adjusted the code: http://mail-index.netbsd.org/source-changes/2013/10/31/msg048829.html -- Mindaugas