This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug hurd/10265] New: heap overflow condition in stdlib/canonicalize.c
- From: "rmh at aybabtu dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 11 Jun 2009 22:25:02 -0000
- Subject: [Bug hurd/10265] New: heap overflow condition in stdlib/canonicalize.c
- Reply-to: sourceware-bugzilla at sourceware dot org
The following code in stdlib/canonicalize.c hardcodes path_max to 1024 for
systems that don't have any limit (such as GNU/Hurd):
#ifdef PATH_MAX
path_max = PATH_MAX;
#else
path_max = pathconf (name, _PC_PATH_MAX);
if (path_max <= 0)
path_max = 1024;
#endif
This will result in heap overflows if the canonicalized path expands to
something longer than 1024.
--
Summary: heap overflow condition in stdlib/canonicalize.c
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: hurd
AssignedTo: roland at gnu dot org
ReportedBy: rmh at aybabtu dot com
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=10265
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.