bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: module suggestion: realpath

From: Bruno Haible
Subject: Re: module suggestion: realpath
Date: Sat, 27 Oct 2007 00:25:01 +0200
User-agent: KMail/1.5.4 
Sam Steingold wrote:
> CLISP comes with a replacement realpath implementation for platforms
> which lacks it (are there still such platforms?).

If someone provides a correct implementation of realpath for gnulib, we will
accept it. But it's better to use canonicalize_file_name(), because

  - realpath does not have size limitation and associated troubles. Citing the
    Linux manpage:

    BUGS
       Avoid using this function. It is broken by design since it
       is  impossible to determine a suitable size for the output
       buffer, resolved_path.  According to  POSIX  a  buffer  of
       size PATH_MAX suffices, but PATH_MAX need not be a defined
       constant, and may have to be  obtained  using  pathconf().
       And  asking  pathconf() does not really help, since on the
       one hand POSIX warns that the result of pathconf() may  be
       huge and unsuitable for mallocing memory. And on the other
       hand pathconf() may return -1 to signify that PATH_MAX  is
       not bounded.

  - many implementations of realpath have or had buffer overflow problems
    (FreeBSD 4 [1],  OpenBSD [2], NetBSD [3], Solaris [4], Linux libc4 and
    libc5).

Bruno

[1] http://secunia.com/advisories/9423
[2] http://secunia.com/advisories/9447
[3] http://secunia.com/advisories/9446
[4] http://www.securityfocus.com/bid/8315/solution
reply via email to
[Prev in Thread] Current Thread [Next in Thread]