cvs commit: src/usr.sbin/kldxref kldxref.c
Bruce Evans
bde at zeta.org.au
Mon Aug 7 03:59:37 UTC 2006
On Sun, 6 Aug 2006, Dag-Erling [iso-8859-1] Smørgrav wrote:
> Marcel Moolenaar <marcel at FreeBSD.org> writes:
>> Log:
>> Fix (static) buffer overflow bug. The dest buffer is of size MAXPATHLEN,
>> so dest[MAXPATHLEN] falls outside the buffer. This bug corrupted
>> arenas[0] defined in libc's malloc.c on PowerPC when kldxref is shared,
>> which triggered a delayed SIGSERV.
>
> MAXPATHLEN should be spelled PATH_MAX.
Actually, MAXPATHLEN is better since it is honestly unportable. It works
on all [Free]BSD systems, while PATH_MAX only works on POSIX systems that
define it. The correct spelling of PATH_MAX is {PATH_MAX} or:
#if defined(PATH_MAX) && defined(OPTIMIZE_FOR_COMPILE_TIME_CONST_PATH_MAX)
char buf[PATH_MAX];
...
#else
long path_max;
path_max = pathconf(pathname_of_interest, _PC_PATH_MAX);
if (path_max == -1)
handle_error();
assert(path_max > 0 && path_max <= SIZE_MAX)
buf = malloc((size_t)path_max);
if (buf == NULL)
handle_allocation_failure();
...
#endif
The correct spelling is too hard to use for simple unportable utilities
like kldxref.
Bruce
More information about the cvs-src
mailing list