readlink(2) returns incorrect size for /proc/self/exe
This bug has been copied automatically from: https://bugs.launchpad.net/qemu/+bug/1794086
Reported by 'Oleg Andriyanov' on 2018-09-24 :
readlink(2) seems to ignore the size of supplied buffer for the resolved name and always returns the actual size of the resolved name instead. Steps to reproduce: ```bash echo '#include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int argc, const char** argv) { if(argc < 2) exit(1); char buf[1]; printf("%d\n", readlink(argv[1], buf, sizeof(buf))); }' >test.c # I used GCC mipsel cross-compiler to reproduce this bug mipsel-linux-gnu-gcc-5.5 test.c -o a.out echo "PWD: `pwd`" qemu-mipsel ./a.out /proc/self/exe ``` Expected output (observed when running a.out natively on Linux 4.17 amd64): ``` PWD: /tmp/test 1 ``` Output observed when running with qemu-mipsel 2.1.2: ``` PWD: /tmp/test 15 ``` According to POSIX description of readlink [1], the function shall return the number of bytes written to the supplied buffer, which obviously cannot exceed size of the buffer. Note that the bug is only reproduced with links within /proc filesystem; links to the regular files within /home are resolved normally. The bug is present in qemu-mipsel 2.1.2: # qemu-mipsel -version qemu-mipsel version 2.1.2 (Debian 1:2.1+dfsg-12+deb8u6), Copyright (c) 2003-2008 Fabrice Bellard [1]: http://pubs.opengroup.org/onlinepubs/009695399/functions/readlink.html