This is the mail archive of the
libstdc++@gcc.gnu.org
mailing list for the libstdc++ project.
Re: [patch] libstdc++/67747 Allocate space for dirent::d_name
- From: Sebastian Huber <sebastian dot huber at embedded-brains dot de>
- To: Florian Weimer <fweimer at redhat dot com>, libstdc++ at gcc dot gnu dot org, gcc-patches at gcc dot gnu dot org
- Date: Fri, 2 Oct 2015 14:37:43 +0200
- Subject: Re: [patch] libstdc++/67747 Allocate space for dirent::d_name
- Authentication-results: sourceware.org; auth=none
- References: <20150929113726 dot GU12094 at redhat dot com> <560E759E dot 2000005 at redhat dot com>
On 02/10/15 14:16, Florian Weimer wrote:
On 09/29/2015 01:37 PM, Jonathan Wakely wrote:
>POSIX says that dirent::d_name has an unspecified length, so calls to
>readdir_r must pass a buffer with enough trailing space for
>{NAME_MAX}+1 characters. I wasn't doing that, which works OK on
>GNU/Linux and BSD where d_name is a large array, but fails on Solaris
>32-bit.
>
>This uses pathconf to get NAME_MAX and allocates a buffer.
This still has a buffer overflow on certain file systems.
You must not use readdir_r, it is deprecated and always insecure. We
should probably mark it as such in the glibc headers.
The READDIR(3) man page should be updated as well, since it doesn't
mention that readdir_r() is deprecated and always insecure.
--
Sebastian Huber, embedded brains GmbH
Address : Dornierstr. 4, D-82178 Puchheim, Germany
Phone : +49 89 189 47 41-16
Fax : +49 89 189 47 41-09
E-Mail : sebastian.huber@embedded-brains.de
PGP : Public key available on request.
Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.