From: Terry Lambert
Message-Id: <199705271713.KAA15554@phaeton.artisoft.com>
Subject: Re: Bug fix for realpath(3).
To: shigio@wafu.netgate.net (Shigio Yamaguchi)
Date: Tue, 27 May 1997 10:13:53 -0700 (MST)
Cc: freebsd-hackers@FreeBSD.ORG, shigio@wafu.netgate.net
In-Reply-To: <199705270820.IAA12141@wafu.netgate.net> from "Shigio Yamaguchi" at May 28, 97 01:17:48 am

> Hello, hackers.
> I fixed two bugs in realpath(3). Would you please check this?
>
> 1. Realpath goes into infinite loop.
>
>     % ln -s a b
>     % ln -s b a
>
>     [user's code]
>
>     char resolved[MAXPATHLEN];
>     (void)realpath("a", resolved);    /* It will not return */
>
>    It should break when over MAXSYMLINKS symbolic links are encountered,
>    like other system calls.

It's a library call, but you are right about where it should fail
out.  8-).

> 2. Realpath has unsafe code.
>
>     [user's code]
>
>     char resolved[MAXPATHLEN];
>     (void)realpath("xxx", resolved);
>
>     [realpath's code]
>
>     n = readlink(p, resolved, MAXPATHLEN);
>     if (n < 0)
>             goto err1;
>     resolved[n] = '\0';               /* It's dangerous */

This is actually a bogosity which should be addressed in realpath(3)'s
definition.  It should probably be:

    char *
    realpath(const char *pathname, char resolvedname[MAXPATHLEN+1])

In the manual page, to account for the NUL.
Alternately, it should return a count, just like readlink(), and not
NULL terminate the return value.

The problem with your fix is that a 1024 byte readlink return is
perfectly legal.

Regards,
Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
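
Added example, not part of the original post and not FreeBSD's realpath(3) code: a C illustration of both points in the thread, a hop limit of MAXSYMLINKS that fails with ELOOP, and a MAXPATHLEN+1 buffer so that a full MAXPATHLEN-byte readlink() result can still be NUL terminated in bounds. The names follow_links and demo_loop_errno are hypothetical, and the helper assumes the links sit in the current directory or have absolute targets.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/param.h>   /* MAXPATHLEN, MAXSYMLINKS */
#include <unistd.h>

#ifndef MAXSYMLINKS
#define MAXSYMLINKS 32   /* assumed fallback where sys/param.h lacks it */
#endif

/*
 * follow_links (hypothetical helper): chase a chain of symlinks.
 * The caller's buffer holds MAXPATHLEN + 1 bytes, so even when readlink()
 * legally returns MAXPATHLEN bytes there is room for the terminating NUL.
 * Returns 0 on success, -1 with errno set (ELOOP after MAXSYMLINKS hops).
 */
int follow_links(const char *path, char resolved[MAXPATHLEN + 1])
{
    char link[MAXPATHLEN + 1];
    int hops = 0;
    ssize_t n;

    if (strlen(path) > MAXPATHLEN) { errno = ENAMETOOLONG; return -1; }
    strcpy(resolved, path);
    /* readlink() fails with EINVAL once the name is not a symlink. */
    while ((n = readlink(resolved, link, MAXPATHLEN)) >= 0) {
        if (++hops > MAXSYMLINKS) { errno = ELOOP; return -1; }
        link[n] = '\0';                 /* n <= MAXPATHLEN: in bounds */
        memcpy(resolved, link, (size_t)n + 1);
    }
    return errno == EINVAL ? 0 : -1;
}

/* Constructed demo: builds the a <-> b loop from the post in a temp dir
 * and returns the errno that follow_links() reports for it. */
int demo_loop_errno(void)
{
    char dir[] = "/tmp/rpdemoXXXXXX", out[MAXPATHLEN + 1];

    if (mkdtemp(dir) == NULL || chdir(dir) != 0) return -1;
    if (symlink("a", "b") != 0 || symlink("b", "a") != 0) return -1;
    if (follow_links("a", out) == 0) return 0;
    return errno;
}
```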