Check length of filenames before strcat

Just in case someone tries to set up a series of links to trick us, do a
quick sanity check on the total length of the strings we're about to
concatenate.

Change-Id: Iba9617008dbc1e93e1907393052caf1e52fbe312

diff --git a/Process.cpp b/Process.cpp
index c3c9904..4eff92a 100644 (file)
--- a/Process.cpp
+++ b/Process.cpp
@@ -97,7 +97,8 @@ int Process::checkFileDescriptorSymLinks(int pid, const char *mountPoint, char *
 
     struct dirent* de;
     while ((de = readdir(dir))) {
-        if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, ".."))
+        if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")
+                || strlen(de->d_name) + parent_length + 1 >= PATH_MAX)
             continue;
         
         // append the file name, after truncating to parent directory