Fix: memory corruption in compat.h

Found by Coverity:

CID 1357641 (#1 of 1): Out-of-bounds write (OVERRUN)2. sprintf_overrun:
sprintf will overrun its first argument &name[len] which can accommodate
4 bytes. The number of bytes written may be 5 bytes, including the
terminating null.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>

diff --git a/liblttng-ust/compat.h b/liblttng-ust/compat.h
index de5e64775004dfefb87fb7e1210016b855eabb88..cd83b46ba8e4000dc901f2e5adddca8debf59977 100644 (file)
--- a/liblttng-ust/compat.h
+++ b/liblttng-ust/compat.h
@@ -100,7 +100,7 @@ int lttng_ust_setustprocname(void)
 {
        int ret = 0, len;
        char name[LTTNG_UST_PROCNAME_LEN];
-       int limit = LTTNG_UST_PROCNAME_LEN - strlen(LTTNG_UST_PROCNAME_SUFFIX);
+       int limit = LTTNG_UST_PROCNAME_LEN - strlen(LTTNG_UST_PROCNAME_SUFFIX) - 1;
 
        lttng_ust_getprocname(name);