[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: canonicalize-lgpl: support paths of length > 2 GB
From: |
Pádraig Brady |
Subject: |
Re: canonicalize-lgpl: support paths of length > 2 GB |
Date: |
Fri, 14 Oct 2016 13:38:17 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 |
On 14/10/16 01:57, Bruno Haible wrote:
> Hi,
>
> If pathconf (name, _PC_PATH_MAX) returns a PATH_MAX value > 2 GB,
> the readlink call in canonicalize-lgpl.c line 292 may return a length > 2 GB,
> therefore the implicit cast (assignment) to 'int' will produce a wrong value.
>
> If you agree with this patch, it'd be a good idea to propagate it into glibc
> (it's the file stdlib/canonicalize.c there).
There is a later cast to (long int) that would
similarly truncate large values on LLP64 systems.
How about something like this as well?
@@ -311,7 +312,7 @@ __realpath (const char *name, char *resolved)
}
len = strlen (end);
- if ((long int) (n + len) >= path_max)
+ if (SIZE_MAX - len <= n || path_max <= n + len)
{
freea (buf);
__set_errno (ENAMETOOLONG);
thanks,
Pádraig