This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [patch] Fix path length overflow in realpath (BZ#22786)
- From: Andreas Schwab <schwab at suse dot de>
- To: Paul Pluzhnikov <ppluzhnikov at google dot com>
- Cc: "Joseph S. Myers" <joseph at codesourcery dot com>, GLIBC Devel <libc-alpha at sourceware dot org>
- Date: Tue, 08 May 2018 17:29:52 +0200
- Subject: Re: [patch] Fix path length overflow in realpath (BZ#22786)
- References: <CALoOobOyeu6SM7DGPRqmHE6Y7BckFGmEFGeeFKDKjskL4EJDuA@mail.gmail.com> <alpine.DEB.2.20.1804172059000.1402@digraph.polyomino.org.uk> <CALoOobNywsKOoamnNH7=eF28=yoQMsFPy+5O6cgD4oqpVDhARA@mail.gmail.com> <mvmzi1a5h39.fsf@suse.de> <CALoOobNzPmK+5fnxF-cFhkGjOuemGaa3GepJZnb_1m38wb-1xA@mail.gmail.com>
On May 08 2018, Paul Pluzhnikov <ppluzhnikov@google.com> wrote:
> On Tue, May 8, 2018 at 7:59 AM Andreas Schwab <schwab@suse.de> wrote:
>
>> On Apr 17 2018, Paul Pluzhnikov <ppluzhnikov@google.com> wrote:
>
>> > diff --git a/stdlib/test-bz22786.c b/stdlib/test-bz22786.c
>> > new file mode 100644
>> > index 0000000000..1b6331ac5c
>> > --- /dev/null
>> > +++ b/stdlib/test-bz22786.c
>> > @@ -0,0 +1,90 @@
>> > +/* Bug 22786: test for stack overflow in realpath.
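Review bot: The header comment on the first added line of stdlib/test-bz22786.c says "stack overflow", a term that usually reads as stack exhaustion, while the patch subject describes a path length overflow in realpath. Suggest wording the comment so it names the same defect as the bug title, for example "test for buffer overflow in realpath" as proposed in the reply, so the test description and the bug report agree. Only this first line of the 90-line file is quoted in this message, so the rest of the test cannot be assessed from here.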
>
>> This is actually a buffer overflow. Ok with that change.
>
> I am not sure what you mean by that.
>
> The (stack) allocated buffer is large enough

Is it? The condition is about the limit of the buffer being written,
and about overflow missing the limit.

Andreas.

--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."