This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug hurd/10265] New: heap overflow condition in stdlib/canonicalize.c

From: "rmh at aybabtu dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: 11 Jun 2009 22:25:02 -0000
Subject: [Bug hurd/10265] New: heap overflow condition in stdlib/canonicalize.c
Reply-to: sourceware-bugzilla at sourceware dot org

The following code in stdlib/canonicalize.c hardcodes path_max to 1024 for
systems that don't have any limit (such as GNU/Hurd):

#ifdef PATH_MAX
  path_max = PATH_MAX;
#else
  path_max = pathconf (name, _PC_PATH_MAX);
  if (path_max <= 0)
    path_max = 1024;
#endif

This will result in heap overflows if the canonicalized path expands to
something longer than 1024.

-- 
           Summary: heap overflow condition in stdlib/canonicalize.c
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: hurd
        AssignedTo: roland at gnu dot org
        ReportedBy: rmh at aybabtu dot com
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=10265

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]