bug-coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#10472: [PATCH] canonicalize: fix // handling


From: Eric Blake
Subject: bug#10472: [PATCH] canonicalize: fix // handling
Date: Sat, 04 Feb 2012 10:59:21 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0

On 02/04/2012 09:56 AM, Eric Blake wrote:
> On Cygwin, and other platforms where // is detected as distinct
> from / at configure time, the canonicalize routines were incorrectly
> treating all instances of multiple leading slashes as //.
> See also coreutils bug http://debbugs.gnu.org/10472
> 
> * lib/canonicalize.c (canonicalize_filename_mode): Don't convert
> /// to //, since only // is special.
> 

> +++ b/lib/canonicalize.c
> @@ -145,7 +145,7 @@ canonicalize_filename_mode (const char *name, 
> canonicalize_mode_t can_mode)
>        rname_limit = rname + PATH_MAX;
>        rname[0] = '/';
>        dest = rname + 1;
> -      if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/')
> +      if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/' && name[2] != '/')
>          *dest++ = '/';

This never initializes rname[1] if name is "///",

> @@ -295,7 +296,8 @@ canonicalize_filename_mode (const char *name, 
> canonicalize_mode_t can_mode)
>      }
>    if (dest > rname + 1 && dest[-1] == '/')
>      --dest;
> -  if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1 && *dest == '/')
> +  if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1
> +      && *dest == '/' && dest[1] != '/')
>      dest++;

which meant this was reading uninitialized memory, and depending on what
was in the heap, might canonicalize "///" to "/" or "//".  I'm pushing
this additional fix to both files:

diff --git i/lib/canonicalize-lgpl.c w/lib/canonicalize-lgpl.c
index a61bef9..08e76fe 100644
--- i/lib/canonicalize-lgpl.c
+++ w/lib/canonicalize-lgpl.c
@@ -158,6 +158,7 @@ __realpath (const char *name, char *resolved)
       dest = rpath + 1;
       if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/' && name[2] !=
'/')
         *dest++ = '/';
+      *dest = '\0';
     }

   for (start = end = name; *start; start = end)
diff --git i/lib/canonicalize.c w/lib/canonicalize.c
index ed094b7..2c73094 100644
--- i/lib/canonicalize.c
+++ w/lib/canonicalize.c
@@ -147,6 +147,7 @@ canonicalize_filename_mode (const char *name,
canonicalize_mode_t can_mode)
       dest = rname + 1;
       if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/' && name[2] !=
'/')
         *dest++ = '/';
+      *dest = '\0';
     }

   for (start = name; *start; start = end)


-- 
Eric Blake   address@hidden    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]