diff options
author | Jacques Vidrine <nectar@FreeBSD.org> | 2003-08-03 23:47:39 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2003-08-03 23:47:39 +0000 |
commit | 11b343033727270cb1d51f2f03857043cd0289d7 (patch) | |
tree | a5d88e71d256f630c181d59573ea9d400db2e0c1 | |
parent | bcf84153c8d063a1ba9646c8375e8fd083ad6a4b (diff) | |
download | src-test2-11b343033727270cb1d51f2f03857043cd0289d7.tar.gz src-test2-11b343033727270cb1d51f2f03857043cd0289d7.zip |
realpath(3) bug fix: There was an off-by-one error in computing the
size of the resulting canonical path.
Notes
Notes:
svn path=/releng/4.7/; revision=118401
-rw-r--r-- | UPDATING | 3 | ||||
-rw-r--r-- | lib/libc/stdlib/realpath.c | 3 | ||||
-rw-r--r-- | sys/conf/newvers.sh | 2 |
3 files changed, 6 insertions, 2 deletions
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20030804: p11 FreeBSD-SA-03:08.realpath + Correct a single byte buffer overflow in realpath(3). + 20030329: p10 FreeBSD-SA-03:07.sendmail sendmail address parsing buffer overflow. diff --git a/lib/libc/stdlib/realpath.c b/lib/libc/stdlib/realpath.c index 0217dde5f6a6..520624a9fef2 100644 --- a/lib/libc/stdlib/realpath.c +++ b/lib/libc/stdlib/realpath.c @@ -138,7 +138,8 @@ loop: rootd = 0; if (*wbuf) { - if (strlen(resolved) + strlen(wbuf) + rootd + 1 > MAXPATHLEN) { + if (strlen(resolved) + strlen(wbuf) + (1-rootd) + 1 > + MAXPATHLEN) { errno = ENAMETOOLONG; goto err1; } diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index ddb3271d08a6..15a254cf4c69 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -36,7 +36,7 @@ TYPE="FreeBSD" REVISION="4.7" -BRANCH="RELEASE-p10" +BRANCH="RELEASE-p11" RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" |