[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FYI: windows opendir/readdir issue
From: |
Ralf Wildenhues |
Subject: |
FYI: windows opendir/readdir issue |
Date: |
Sat, 18 Dec 2004 21:48:14 +0100 |
User-agent: |
Mutt/1.5.6+20040907i |
Attachment #1 already applied to branch-1.5. It fixes a read past end
of buffer and a couple of write past end of buffer in the opendir and
readdir replacement functions used on windows only (cygwin, mingw).
Since only a constant string is allowed to be written, it seems very
unlikely to be useful as an attack vector, even in the very unlikely
setup that the search path environment variables and similar data are
actually not trusted. Not that Libtool ever guaranteed to be usable
for such a setup anyway.
OK to apply attachment #2 to branch-2-0 and HEAD (will do so tomorrow
unless anybody complains)?
Regards,
Ralf
dirent-1.5.diff
Description: Text document
dirent-2.0.diff
Description: Text document
- FYI: windows opendir/readdir issue,
Ralf Wildenhues <=