Date: Sat, 3 Apr 2010 13:40:55 +0200 From: Joerg Sonnenberger <joerg@britannica.bec.de> To: svn-src-all@freebsd.org Subject: Re: svn commit: r206043 - in head/usr.sbin/pkg_install: add delete lib version Message-ID: <20100403114055.GC23007@britannica.bec.de> In-Reply-To: <t2n7d6fde3d1004030432mc5588c92ic8de3c260d0677@mail.gmail.com> References: <201004011427.o31ERTaT056824@svn.freebsd.org> <k2m7d6fde3d1004011702ha697cd7bg96cf6bd8f58babb4@mail.gmail.com> <20100402001231.GA16732@britannica.bec.de> <t2n7d6fde3d1004030432mc5588c92ic8de3c260d0677@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 03, 2010 at 04:32:15AM -0700, Garrett Cooper wrote: > I'm sorry but I'm a little bit confused by this statement: do you > mean that you're replacing PATH_MAX sized buffers to FILENAME_MAX > sized buffers? If so this may cause an issue because several of the > variables used in constructing the file paths in pkg_install aren't > necessarily correct in overflow cases. We need to avoid introducing > potential functional flaws with filename truncation like this. No, I am replacing fixed size buffers with variable size buffers. The extraction code should generally be able to support arbitrary deep path names, for the rest the kernel can complain. Joerg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100403114055.GC23007>