Date: Sat, 3 Apr 2010 13:40:55 +0200 From: Joerg Sonnenberger <joerg@britannica.bec.de> To: svn-src-all@freebsd.org Subject: Re: svn commit: r206043 - in head/usr.sbin/pkg_install: add delete lib version Message-ID: <20100403114055.GC23007@britannica.bec.de> In-Reply-To: <t2n7d6fde3d1004030432mc5588c92ic8de3c260d0677@mail.gmail.com> References: <201004011427.o31ERTaT056824@svn.freebsd.org> <k2m7d6fde3d1004011702ha697cd7bg96cf6bd8f58babb4@mail.gmail.com> <20100402001231.GA16732@britannica.bec.de> <t2n7d6fde3d1004030432mc5588c92ic8de3c260d0677@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
On Sat, Apr 03, 2010 at 04:32:15AM -0700, Garrett Cooper wrote: > I'm sorry but I'm a little bit confused by this statement: do you > mean that you're replacing PATH_MAX sized buffers to FILENAME_MAX > sized buffers? If so this may cause an issue because several of the > variables used in constructing the file paths in pkg_install aren't > necessarily correct in overflow cases. We need to avoid introducing > potential functional flaws with filename truncation like this. No, I am replacing fixed size buffers with variable size buffers. The extraction code should generally be able to support arbitrary deep path names, for the rest the kernel can complain. Joerghome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100403114055.GC23007>