Re: integer overflow in /bin/ls

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: integer overflow in /bin/ls

From:	Jim Meyering
Subject:	Re: integer overflow in /bin/ls
Date:	Tue, 14 Oct 2003 16:54:08 +0200

Paul Eggert <address@hidden> wrote:
> Jim Meyering <address@hidden> writes:
>> As you probably noticed, init_column_info allocates O(N^2)
>> space when ls is invoked with `--width=N' and -x or -C.
...
> I don't offhand see how to change the algorithm without giving up its
> optimality.  However, we can easily limit N to the number of files in
> the current directory, and I think that's good enough to foil the
> denial of service attack in practical cases.
>
> Here's a proposed patch to do that.  With this patch, we don't have to
> worry about the -w option; even 'ls -w 9223372036854775807' (on a
> 64-bit host) will do the right thing without exhausting memory (unless
> you're in a directory that contains billions of file names....).
>
> 2003-10-13  Paul Eggert  <address@hidden>
>
>       Fix to avoid a denial-of-service attack if the display width is
>       enormous.  Also, clean up the code a bit by removing duplicate
>       code.

Great!  Thanks again.
I've applied your patch.

[Prev in Thread]

Current Thread

[Next in Thread]

integer overflow in /bin/ls, Georgi Guninski, 2003/10/12
- Re: integer overflow in /bin/ls, Paul Eggert, 2003/10/13
  - Re: integer overflow in /bin/ls, Jim Meyering, 2003/10/13
    - Re: integer overflow in /bin/ls, Paul Eggert, 2003/10/13
    - Re: integer overflow in /bin/ls, Jim Meyering <=

Prev by Date: id -Gn user doesn't show all groups
Next by Date: 'head -n 100k@' doesn't report an error
Previous by thread: Re: integer overflow in /bin/ls
Next by thread: CVS coreutils test problems with du and sort
Index(es):
- Date
- Thread