| To: | yyyyyyyyyyyyyyy@xxxxxxxxxxxxx |
|---|---|
| Subject: | Defect in XSH realpath() |
| From: | yyyyyy@xxxxxxxxxx |
| Date: | Tue, 30 Apr 2002 19:13:31 +0100 (BST) |
Defect report from : Jeroen Dekkers , none
(Please direct followup comments direct to yyyyyyyyyyyyyy@xxxxxxxxxxxxx)
@ page 1185-1186 line 0 section realpath() objection {1}
Problem:
Defect code : 1. Error
The realpath() function depends on the existence of PATH_MAX, however
PATH_MAX is optional and implementations don't have to define it when
they don't have a limit. Because there doesn't exist a limit,
pathconf("/", _PC_PATH_MAX) returns -1. There is no way to be sure you
have enough bytes in the buffer passed to realpath(), so there is
always the danger of a buffer overflow!
Action:
Make the behavior unspecified if a NULL pointer is passed so that an
implementation could malloc the buffer. Add "If resolved_name is a null
pointer, the behavior of realpath() is unspecified" to the desciption.
Change the reason of returning EINVAL to "The file_name argument is a null
pointer".
The rationale of getcwd() could be copied to describe why this behavior is
unspecified.
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | BUG in XSH Issue 6, Jack McCann |
|---|---|
| Next by Date: | Defect in XBD Regular Expressions, eggert |
| Previous by Thread: | BUG in XSH Issue 6, Jack McCann |
| Next by Thread: | Defect in XSH realpath(), don.cragun |
| Indexes: | [Date] [Thread] [All Lists] |