This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.



Re: [PATCH][libiberty] Fix read buffer overflow in split_directories()


On 10.11.19 18:33, Orlando Arias wrote:
> Greetings,
> 
> On 11/10/19 5:54 AM, Tim Rühsen wrote:
>> Yes, I can confirm. Thanks for the review!
> 
> Thank you for checking. Please note that I am not a binutils maintainer
> [or reviewer for that matter]. I am just an interested party. Having
> said that
> 
>> Returning early on an empty 'name' also fixes another read overflow in
>>
>> #ifdef HAVE_DOS_BASED_FILE_SYSTEM
>>   if (name[1] == ':' && IS_DIR_SEPARATOR (name[2]))
>>     {
>>       p += 3;
>>       num_dirs++;
>>     }
>> #endif /* HAVE_DOS_BASED_FILE_SYSTEM */
>>
>> Patch v2 appended.
>>
> 
> I believe you also need to do something about the ptr_num_dirs that the
> caller may work with at some point. It would also be good to check how
> this function is called within binutils [and other projects that use
> libiberty].
> 
> Thank you for your time and efforts.

Thank you for looking into it :-)

The callers of split_directories() check for the return value. If NULL,
they 'goto bailout' (cleanup and return), and ptr_num_dirs is definitely
not used.

Regards, Tim
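
The early return and the caller contract discussed in this thread, as an added C sketch that is not part of the original messages and is not libiberty's code: `split_dirs_sketch` and `dup_span` are hypothetical names, and the drive-prefix check is compiled unconditionally here rather than under `HAVE_DOS_BASED_FILE_SYSTEM`. It returns NULL for an empty `name` before `name[1]` or `name[2]` is read, and writes `*ptr_num_dirs` only on success.

```c
#include <stdlib.h>
#include <string.h>

#define IS_DIR_SEPARATOR(c) ((c) == '/' || (c) == '\\')

/* Copy n bytes starting at s into a fresh NUL-terminated string. */
static char *dup_span(const char *s, size_t n)
{
    char *d = malloc(n + 1);
    if (d) { memcpy(d, s, n); d[n] = '\0'; }
    return d;
}

/* Hypothetical stand-in for split_directories(): NULL-terminated array of
   components (separators kept), or NULL on empty input or failed allocation. */
char **split_dirs_sketch(const char *name, int *ptr_num_dirs)
{
    const char *p, *q;
    char **dirs;
    int n = 0, i, max = 1;
    if (name[0] == '\0')
        return NULL;  /* empty name: only name[0] is valid memory */
    for (p = name; *p; p++)  /* components <= separators + 1 */
        max += IS_DIR_SEPARATOR(*p);
    if ((dirs = calloc((size_t)max + 1, sizeof *dirs)) == NULL)
        return NULL;
    p = name;
    /* name[1] is at worst the NUL; name[2] is read only if name[1] == ':' */
    if (name[1] == ':' && IS_DIR_SEPARATOR(name[2])) {
        dirs[n++] = dup_span(name, 3);
        p += 3;
    }
    for (q = p; *q; q++)
        if (IS_DIR_SEPARATOR(*q)) {
            dirs[n++] = dup_span(p, (size_t)(q - p) + 1);
            p = q + 1;
        }
    if (q > p)  /* trailing component without a separator */
        dirs[n++] = dup_span(p, (size_t)(q - p));
    for (i = 0; i < n; i++)
        if (dirs[i] == NULL) {  /* a copy failed: release everything */
            while (n > 0) free(dirs[--n]);
            free(dirs);
            return NULL;
        }
    *ptr_num_dirs = n;  /* written only on success */
    return dirs;
}
```

A caller that checks for NULL and bails out never reads the count, which is the behaviour Tim describes for the existing callers.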


