From 68675c854c08cbd6aeadb624b8d2bc51a0e21fe5 Mon Sep 17 00:00:00 2001
From: ngie <ngie@FreeBSD.org>
Date: Fri, 10 Jun 2016 18:07:35 +0000
Subject: MFC r299508: r299508 (by cem):

kern_descrip_test: Fix trivial buffer overrun with readlink(2)

CID:		1229965, 1229972
---
 tests/sys/kern/kern_descrip_test.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'tests')

diff --git a/tests/sys/kern/kern_descrip_test.c b/tests/sys/kern/kern_descrip_test.c
index 6953b00..07240d7 100644
--- a/tests/sys/kern/kern_descrip_test.c
+++ b/tests/sys/kern/kern_descrip_test.c
@@ -27,6 +27,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
+#include <sys/param.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <signal.h>
@@ -170,7 +171,7 @@ ATF_TC_CLEANUP(kern_maxfiles__increase, tc)
 	char buf[80];
 
 	if ((n = readlink(VALUE, buf, sizeof(buf))) > 0) {
-		buf[n] = '\0';
+		buf[MIN((size_t)n, sizeof(buf) - 1)] = '\0';
 		if (sscanf(buf, "%d", &oldmaxfiles) == 1) {
 			oldlen = sizeof(oldmaxfiles);
 			(void) sysctlbyname("kern.maxfiles", NULL, 0,
-- 
cgit v1.1