[ITP] ncdu 1.1
Christian Franke
Christian.Franke@t-online.de
Sat Jun 16 19:29:00 GMT 2007
DePriest, Jason R. wrote:
> I did 'ncdu /proc/registry' and about two hours later, I found it like this, with my bash prompt underneath.
> I didn't cut / paste the box because it would just turn into a bunch of Ä and such.
> I did recreate it with - and | just to give you an idea of what it looked like.
>
> ---Calculating...-------------------------------------------
> | |
> | Total files: 467122 dirs: 222594 size: 0.0 B |
> | Current dir: /proc/registry/HKE.../0/0/0/0/8/4/0/0/0/0/4 |
> | |
> | Warning: could not open /proc/registr...curity/templates |
> | some directory sizes may not be correct |
> | |
> | Calc Press q to quitHangup
> ------------------------------------------------------------
>
>
This is a buffer overflow issue.
ncdu uses PATH_MAX as path buffer size but does not properly check for
overflow.
PATH_MAX is 4096 on Linux, but only 260 on Cygwin.
Pathnames from /proc/registry may be much longer.
(e.g. keys below HKLM\SYSTEM\CurrentControlSet\Control\DeviceClasses)
Christian
More information about the Cygwin-apps
mailing list