Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 6 Nov 2009 18:10:03 GMT
From:      Jilles Tjoelker <jilles@stack.nl>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/140228: [patch] mktemp(1) buffer overrun
Message-ID:  <200911061810.nA6IA36f004335@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/140228; it has been noted by GNATS.

From: Jilles Tjoelker <jilles@stack.nl>
To: bug-followup@FreeBSD.org, jeremyhu@apple.com
Cc:  
Subject: Re: bin/140228: [patch] mktemp(1) buffer overrun
Date: Fri, 6 Nov 2009 19:05:48 +0100

 It seems more reasonable to have _gettemp() check the length of its
 input string, and fail with ENAMETOOLONG if it is longer than
 MAXPATHLEN. Your patch relies on the kernel to reject names longer than
 MAXPATHLEN with ENAMETOOLONG to avoid it reading past the end of
 carrybuf (in obscure cases).
 
 -- 
 Jilles Tjoelker



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200911061810.nA6IA36f004335>