selftests/nolibc: prevent out of bounds access in expect_vfprintf
authorThomas Weißschuh <linux@weissschuh.net>
Thu, 3 Aug 2023 07:28:56 +0000 (09:28 +0200)
committerWilly Tarreau <w@1wt.eu>
Wed, 23 Aug 2023 03:17:07 +0000 (05:17 +0200)
If read() fails and returns -1 (or returns garbage for some other
reason) buf would be accessed out of bounds.
Only use the return value of read() after it has been validated.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Signed-off-by: Willy Tarreau <w@1wt.eu>
tools/testing/selftests/nolibc/nolibc-test.c

index 23a5e4c5708330a9ba5b0eb989d9d7708a90b98e..e2b70641a1e76503b3d01319d6a13ce1493ff0f2 100644 (file)
@@ -1051,7 +1051,6 @@ static int expect_vfprintf(int llen, int c, const char *expected, const char *fm
        lseek(fd, 0, SEEK_SET);
 
        r = read(fd, buf, sizeof(buf) - 1);
-       buf[r] = '\0';
 
        fclose(memfile);
 
@@ -1061,6 +1060,7 @@ static int expect_vfprintf(int llen, int c, const char *expected, const char *fm
                return 1;
        }
 
+       buf[r] = '\0';
        llen += printf(" \"%s\" = \"%s\"", expected, buf);
        ret = strncmp(expected, buf, c);
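Review bot: The moved `buf[r] = '\0';` is in bounds only if the check ending in `return 1;` directly above it rejects every negative `r`, and that check starts outside the hunk, so it cannot be confirmed from the lines shown. The upper bound is already covered by the `sizeof(buf) - 1` passed to read() in the first hunk. If the guard compares `r` with another count rather than testing its sign, an explicit test such as `if (r < 0 || (size_t)r >= sizeof(buf))` on the failure path would make the precondition independent of that other value. At minimum a comment on the store, e.g. `/* r was validated above: 0 <= r < sizeof(buf) */`, would keep a later reorder from reintroducing the out-of-bounds write. expect_vfprintf's body begins and ends outside the hunk.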