[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [address@hidden: Re: serious bug. Evolution and Microsoft mentality.
From: |
Jeffrey Stedfast |
Subject: |
Re: [address@hidden: Re: serious bug. Evolution and Microsoft mentality.] |
Date: |
11 Jan 2002 17:08:28 -0500 |
On Fri, 2002-01-11 at 16:57, Marcus Brinkmann wrote:
[snip]
>
> Note that our current glibc implementation (stdlib/canonicalize.c) will
> hardcode a fixed max size of 1024 for the string returned by realpath if
> PATH_MAX and pathconf don't indicate a limit.
>
> Yes, if you define your own PATH_MAX in your application, and use 512 (or
> anything smaller than 1024), you have a potential buffer overflow for each
> realpath() invocation if your program runs on the Hurd.
>
> Obviously, realpath() behaviour on non-PATH_MAX systems is not specified.
> Looks like a bug in POSIX to me.
I would agree :-)
>
> On the GNU system, using canonicalize_file_name is the way to go. All other
> systems I know are safe because they define PATH_MAX.
Thanks.
Jeff
--
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
fejj@ximian.com - www.ximian.com