From 26833c5547073d80a88a141ac909f38c15e8a766 Mon Sep 17 00:00:00 2001
From: Jakob Kaivo <jkk@ung.org>
Date: Sun, 23 Apr 2023 22:26:34 -0400
Subject: [PATCH] Ensure existing path is NUL-terminated

readlink() doesn't NUL-terminate a string, so leave room for a
NUL, and manually insert it before calling strcmp().

Signed-off-by: Jakob Kaivo <jkk@ung.org>
---
 bubblewrap.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/bubblewrap.c b/bubblewrap.c
index bd918c8a..eec609ef 100644
--- a/bubblewrap.c
+++ b/bubblewrap.c
@@ -1477,8 +1477,9 @@ setup_newroot (bool unshare_pid,
             {
               if (errno == EEXIST)
                 {
-                  char existing[PATH_MAX] = "";
-                  if (readlink (dest, existing, sizeof (existing)) < 0)
+                  char existing[PATH_MAX + 1] = "";
+                  ssize_t elen = readlink (dest, existing, sizeof (existing) - 1);
+                  if (elen < 0)
                     {
                       if (errno == EINVAL)
                         die ("Can't make symlink at %s: destination exists and is not a symlink", op->dest);
@@ -1486,6 +1487,8 @@ setup_newroot (bool unshare_pid,
                         die_with_error ("Can't make symlink at %s: destination exists, and cannot read symlink target", op->dest);
                     }
 
+                  existing[elen] = '\0';
+
                   if (strcmp (existing, op->source) == 0)
                       break;