Date:      Mon, 7 Aug 2006 13:59:30 +1000 (EST)
From:      Bruce Evans <bde@zeta.org.au>
To:        Dag-Erling Smørgrav <des@des.no>
Cc:        cvs-src@freebsd.org, Marcel Moolenaar <marcel@freebsd.org>, src-committers@freebsd.org, cvs-all@freebsd.org
Subject:   Re: cvs commit: src/usr.sbin/kldxref kldxref.c
Message-ID:  <20060807133921.V6590@delplex.bde.org>
In-Reply-To: <8664h6ci86.fsf@xps.des.no>
References:  <200608042128.k74LShD7052071@repoman.freebsd.org> <8664h6ci86.fsf@xps.des.no>


On Sun, 6 Aug 2006, Dag-Erling Smørgrav wrote:

> Marcel Moolenaar <marcel@FreeBSD.org> writes:
>>   Log:
>>   Fix (static) buffer overflow bug. The dest buffer is of size MAXPATHLEN,
>>   so dest[MAXPATHLEN] falls outside the buffer.  This bug corrupted
>>   arenas[0] defined in libc's malloc.c on PowerPC when kldxref is shared,
>>   which triggered a delayed SIGSEGV.
>
> MAXPATHLEN should be spelled PATH_MAX.

Actually, MAXPATHLEN is better since it is honestly unportable.  It works
on all [Free]BSD systems, while PATH_MAX only works on POSIX systems that
define it.  The correct spelling of PATH_MAX is {PATH_MAX} or:

#if defined(PATH_MAX) && defined(OPTIMIZE_FOR_COMPILE_TIME_CONST_PATH_MAX)
 	char buf[PATH_MAX];
 	...
#else
 	long path_max;
 	char *buf;

 	path_max = pathconf(pathname_of_interest, _PC_PATH_MAX);
 	if (path_max == -1)
 		handle_error();
 	assert(path_max > 0 && path_max <= SIZE_MAX);
 	buf = malloc((size_t)path_max);
 	if (buf == NULL)
 		handle_allocation_failure();
 	...
#endif

The correct spelling is too hard to use for simple unportable utilities
like kldxref.

Bruce
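
The two points in this thread, as an added example that is not part of the original message or of kldxref: sizing a pathname buffer from pathconf() and keeping the terminator inside it, where dest[size] is one past the end. It goes slightly beyond the sketch above by separating a pathconf() error from an indeterminate limit; alloc_path_buf, copy_path, FALLBACK_PATH_MAX and the sample path are hypothetical names and values chosen for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define FALLBACK_PATH_MAX 4096	/* assumed size when no limit is reported */

/* pathconf() returns -1 on error (errno set) and when there is no fixed
 * limit (errno unchanged); clear errno first to tell the two apart. */
char *alloc_path_buf(const char *dir, size_t *sizep)
{
	long path_max;
	char *buf;
	errno = 0;
	path_max = pathconf(dir, _PC_PATH_MAX);
	if (path_max == -1 && errno != 0)
		return NULL;			/* real error */
	if (path_max <= 0)
		path_max = FALLBACK_PATH_MAX;	/* indeterminate limit */
	buf = malloc((size_t)path_max);
	if (buf != NULL)
		*sizep = (size_t)path_max;
	return buf;
}

/* Copy src into a dest of dstsize bytes. The last valid index is
 * dstsize - 1; storing to dest[dstsize] is the overflow the quoted
 * commit fixed. Returns 0, or -1 if src does not fit (dest left empty). */
int copy_path(char *dest, size_t dstsize, const char *src)
{
	size_t len = strlen(src);
	if (dstsize == 0)
		return -1;
	if (len >= dstsize) {
		dest[0] = '\0';
		return -1;
	}
	memcpy(dest, src, len + 1);	/* len + 1 copies the NUL too */
	return 0;
}

int main(void)
{
	size_t size;
	char *buf = alloc_path_buf("/", &size);
	/* "/boot/kernel" is a constructed sample path */
	int rc = (buf != NULL) ? copy_path(buf, size, "/boot/kernel") : -1;
	free(buf);
	return rc == 0 ? 0 : 1;
}
```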
