[Bug 229433] overflow at realpath()
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Jun 30 18:15:20 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229433
Bug ID: 229433
Summary: overflow at realpath()
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: bugs at FreeBSD.org
Reporter: mishra.dhiraj95 at gmail.com
File:
https://github.com/freebsd/freebsd/blob/master/contrib/mdocml/mandocdb.c#L613
i.e
if (realpath(path, buf) == NULL) {
This function does not protect against buffer overflows, and some
implementations can overflow internally.
Ensure that the destination buffer is at least of size MAXPATHLEN, andto
protect against implementation problems, the input argument should also be
checked to
ensure it is no larger than MAXPATHLEN.
realpath() output buffers should be large enough to handle the maximum-size
possible result from path manipulation functions, at least of size PATH_MAX
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list