The realpath() function depends on the existence of PATH_MAX, however
PATH_MAX is optional and implementations don't have to define it when
they don't have a limit. Because there doesn't exist a limit,
pathconf("/", _PC_PATH_MAX) returns -1. There is no way to be sure you
have enough bytes in the buffer passed to realpath(), so there is
always a chance of a buffer overflow!
The problem is pretty clear, but the solution isn't. I think the only
possible fix is to define a new function, probably returning a
malloc()'d buffer. But that probably won't go into the TC. Is there
anybody who knows a solution which can go into the TC? Or do we have
to wait for the next version of the standard?
Jeroen Dekkers
--
Jabber supporter - http://www.jabber.org Jabber ID: yyyyyyyy@xxxxxxxxxx
Debian GNU supporter - http://www.debian.org http://www.gnu.org
IRC: yyyyyy@xxxxxxxxxxxx
|
