cygwin build SEGV

egor duda deo@logos-m.ru
Wed Sep 5 13:25:00 GMT 2001


Hi!

Wednesday, 05 September, 2001 Christopher Faylor cgf@redhat.com wrote:

ok, i've reproduced something similar and i believe i know the reason.
in my case set_nt_attribute is called with alloca()ed buffer of size
256, but actual security descriptor is 268 bytes long. Bang. Stack
corrupted. This is a workaround, though i think alloc_sd should check
buffer size, but i cannot produce a patch for this right now.
hopefully, 4k is enough for any sd. And yes, i think it's a
show-stopper.

Egor.            mailto:deo@logos-m.ru ICQ 5165414 FidoNet 2:5020/496.19
alloca-fix.diff
alloca-fix.ChangeLog

-------------- next part --------------
2001-09-06  Egor Duda  <deo@logos-m.ru>

	* dir.cc (mkdir): Expand buffer for security descriptor to 4K to
	avoid stack corruption.
	* fhandler.cc (fhandler_base::open): Ditto.
	* path.cc (symlink): Ditto.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: alloca-fix.diff
Type: text/x-diff
Size: 1734 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin-patches/attachments/20010905/bfc541df/attachment.bin>
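
The message above calls the 4K buffer a workaround and says the routine that fills the buffer should check its size. As an added illustration (not Cygwin code and not part of the attached patch), this portable C sketch shows that check: the builder computes the required length first and refuses to write when the caller's buffer is too small. The function names and the toy descriptor layout are hypothetical; only the 256 and 268 byte sizes come from the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SD_HEADER_LEN 20   /* constructed toy layout, not the real SD format */
#define ACE_LEN       31   /* constructed: 20 + 8 * 31 = 268 bytes */
#define GUARD_LEN     16
#define GUARD_BYTE    0xA5

/* Hypothetical builder. On entry *len is the capacity of buf; on return it
   is the size the descriptor needs. Returns 0 on success, -1 if buf is too
   small or the size computation would overflow (buf is then not written). */
static int build_sd_checked(unsigned char *buf, size_t *len, size_t n_aces)
{
    size_t cap = *len;
    if (n_aces > (SIZE_MAX - SD_HEADER_LEN) / ACE_LEN)
        return -1;                       /* *len is left unchanged here */
    *len = SD_HEADER_LEN + n_aces * ACE_LEN;
    if (buf == NULL || *len > cap)
        return -1;                       /* caller can retry with *len bytes */
    memset(buf, 0, SD_HEADER_LEN);
    memset(buf + SD_HEADER_LEN, 0x11, n_aces * ACE_LEN);
    return 0;
}

/* Runs the builder on a cap-byte buffer followed by guard bytes.
   Returns the builder's result, or -2 if any guard byte was overwritten. */
static int try_build(size_t cap, size_t n_aces, size_t *needed)
{
    unsigned char *mem = malloc(cap + GUARD_LEN);
    if (mem == NULL)
        return -3;
    memset(mem + cap, GUARD_BYTE, GUARD_LEN);
    *needed = cap;
    int rc = build_sd_checked(mem, needed, n_aces);
    for (size_t i = 0; i < GUARD_LEN; i++)
        if (mem[cap + i] != GUARD_BYTE)
            rc = -2;
    free(mem);
    return rc;
}

int main(void)
{
    size_t needed;
    int rc = try_build(256, 8, &needed);   /* the failing case from the message */
    printf("cap 256:  rc=%d needed=%zu\n", rc, needed);
    rc = try_build(4096, 8, &needed);      /* the workaround's buffer size */
    printf("cap 4096: rc=%d needed=%zu\n", rc, needed);
    return 0;
}
```

With a check like this, an undersized buffer produces an error and the required length instead of a write past the end of the stack allocation.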

