Both The Single UNIX ® Specification, Version 2 (1997) and The Open Group Base Specifications Issue 6 (2004) require that readlink would not place a null-terminated value in buffer:
APPLICATION USAGE
Conforming applications should not assume that the returned contents of the symbolic link are null-terminated.
What are the considerations in not null-terminating buffer? Couldn't it pose a security risk when readlink isn't properly used?
What are the considerations in not null-terminating buffer?
As indicated by the documentation, portability. Most probably there exist(-ed?) widely used implementations of readlink that do not null-terminate the buffer.
Couldn't it pose a security risk when readlink isn't properly used?
Every piece of bad code that uses something improperly, I guess, poses a security risk. The programmer is responsible for writing good code that has no security risks. The examples section of the POSIX page shows the proper usage of readlink.
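A wrapper that handles the missing terminator and silent truncation, as an added example that is not part of the original post or the POSIX page. The names `read_link_str` and `demo` are hypothetical, and the symlink under `/tmp` is constructed for the self-check.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: read a symlink target into buf as a C string.
 * Returns the target length, or -1 with errno set. */
ssize_t read_link_str(const char *path, char *buf, size_t bufsz)
{
    if (bufsz < 2) { errno = EINVAL; return -1; }
    /* Reserve one byte: readlink() never writes a terminator. */
    ssize_t n = readlink(path, buf, bufsz - 1);
    if (n < 0)
        return -1;
    if ((size_t)n == bufsz - 1) {
        /* Buffer filled completely: the target may have been cut short. */
        errno = ENAMETOOLONG;
        return -1;
    }
    buf[n] = '\0';  /* terminate using the returned length, not strlen() */
    return n;
}

/* Constructed self-check: returns 0 when all cases behave as expected. */
int demo(void)
{
    char dir[] = "/tmp/rl_demo_XXXXXX", link[64], buf[32], tiny[4];
    int rc = 1;
    if (!mkdtemp(dir)) return 1;
    snprintf(link, sizeof link, "%s/l", dir);
    if (symlink("target-file", link) != 0) { rmdir(dir); return 1; }

    memset(buf, 'X', sizeof buf);  /* stale bytes readlink() will not clear */
    if (read_link_str(link, buf, sizeof buf) == 11 &&
        strcmp(buf, "target-file") == 0 &&
        read_link_str(link, tiny, sizeof tiny) == -1 && errno == ENAMETOOLONG)
        rc = 0;
    unlink(link);
    rmdir(dir);
    return rc;
}

int main(void) { return demo(); }
```

Without the `buf[n] = '\0'` line, the pre-filled `'X'` bytes would follow the target and any later string function would read past it.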