[PATCH] erofs-utils: fsck: fix extract path length check

[Vansh Choudhary]

erofsfsck_dirent_iter() misses the extra '/' and trailing NUL byte
when checking if the extraction path still fits in the PATH_MAX-sized
buffer.

Account for both bytes to avoid writing past the end of the buffer.

Fixes: 27aeef179bf1 ("erofs-utils: fsck: block insane long paths when extracting images")
Signed-off-by: Vansh Choudhary <ch at vnsh.in>
---
 fsck/main.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fsck/main.c b/fsck/main.c
index 1254112..daac434 100644
--- a/fsck/main.c
+++ b/fsck/main.c
@@ -902,6 +902,7 @@ static int erofsfsck_dirent_iter(struct erofs_dir_context *ctx)
 {
 	int ret;
 	size_t prev_pos, curr_pos;
+	size_t required;
 
 	if (ctx->dot_dotdot)
 		return 0;
@@ -909,7 +910,11 @@ static int erofsfsck_dirent_iter(struct erofs_dir_context *ctx)
 	prev_pos = fsckcfg.extract_pos;
 	curr_pos = prev_pos;
 
-	if (prev_pos + ctx->de_namelen >= PATH_MAX) {
+	required = prev_pos + ctx->de_namelen;
+	if (fsckcfg.extract_path)
+		required += 2;	/* reserve space for '/' and trailing '\0' */
+
+	if (required >= PATH_MAX) {
 		erofs_err("unable to fsck since the path is too long (%llu)",
 			  (curr_pos + ctx->de_namelen) | 0ULL);
 		return -EOPNOTSUPP;
-- 
2.43.0