[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [address@hidden: Re: serious bug. Evolution and Microsoft mentality.

From: Jeffrey Stedfast
Subject: Re: [address@hidden: Re: serious bug. Evolution and Microsoft mentality.]
Date: 11 Jan 2002 17:08:28 -0500

On Fri, 2002-01-11 at 16:57, Marcus Brinkmann wrote:
> Note that our current glibc implementation (stdlib/canonicalize.c) will
> hardcode a fixed max size of 1024 for the string returned by realpath if
> PATH_MAX and pathconf don't indicate a limit.
> Yes, if you define your own PATH_MAX in your application, and use 512 (or
> anything smaller than 1024), you have a potential buffer overflow for each
> realpath() invocation if your program runs on the Hurd.
> Obviously, realpath() behaviour on non-PATH_MAX systems is not specified.
> Looks like a bug in POSIX to me.

I would agree :-)

> On the GNU system, using canonicalize_file_name is the way to go.  All other
> systems I know are safe because they define PATH_MAX.



Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.  -

reply via email to

[Prev in Thread] Current Thread [Next in Thread]