This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] Fix path length overflow in realpath (BZ#22786)

From: Paul Pluzhnikov <ppluzhnikov at google dot com>
To: Andreas Schwab <schwab at suse dot de>
Cc: "Joseph S. Myers" <joseph at codesourcery dot com>, GLIBC Devel <libc-alpha at sourceware dot org>
Date: Tue, 08 May 2018 15:10:58 +0000
Subject: Re: [patch] Fix path length overflow in realpath (BZ#22786)
References: <CALoOobOyeu6SM7DGPRqmHE6Y7BckFGmEFGeeFKDKjskL4EJDuA@mail.gmail.com> <alpine.DEB.2.20.1804172059000.1402@digraph.polyomino.org.uk> <CALoOobNywsKOoamnNH7=eF28=yoQMsFPy+5O6cgD4oqpVDhARA@mail.gmail.com> <mvmzi1a5h39.fsf@suse.de>

On Tue, May 8, 2018 at 7:59 AM Andreas Schwab <schwab@suse.de> wrote:

> On Apr 17 2018, Paul Pluzhnikov <ppluzhnikov@google.com> wrote:

> > diff --git a/stdlib/test-bz22786.c b/stdlib/test-bz22786.c
> > new file mode 100644
> > index 0000000000..1b6331ac5c
> > --- /dev/null
> > +++ b/stdlib/test-bz22786.c
> > @@ -0,0 +1,90 @@
> > +/* Bug 22786: test for stack overflow in realpath.

> This is actually a buffer overflow.  Ok with that change.

I am not sure what you mean by that.

The (stack) allocated buffer is large enough, so technically there is no
buffer overflow here (at least not in the sense that "allocated buffer was
too small"). But the stack is not large enough to hold the buffer of that
size.

-- 
Paul Pluzhnikov

Follow-Ups:
- Re: [patch] Fix path length overflow in realpath (BZ#22786)
  - From: Andreas Schwab

References:
- Re: [patch] Fix path length overflow in realpath (BZ#22786)
  - From: Andreas Schwab

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]