Date:      Sat, 30 Jun 2018 18:15:18 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 229433] overflow at realpath()
Message-ID:  <bug-229433-227@https.bugs.freebsd.org/bugzilla/>


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229433

            Bug ID: 229433
           Summary: overflow at realpath()
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: mishra.dhiraj95@gmail.com

File:
https://github.com/freebsd/freebsd/blob/master/contrib/mdocml/mandocdb.c#L613

i.e

if (realpath(path, buf) == NULL) {

This function does not protect against buffer overflows, and some
implementations can overflow internally.

Ensure that the destination buffer is at least of size MAXPATHLEN, and to
protect against implementation problems, the input argument should also be
checked to ensure it is no larger than MAXPATHLEN.

realpath() output buffers should be large enough to handle the maximum-size
possible result from path manipulation functions, at least of size PATH_MAX

-- 
You are receiving this mail because:
You are the assignee for the bug.
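
The two checks the report asks for (a destination of at least PATH_MAX bytes and an input length test before the call), as an added example that is not part of the original message and is not FreeBSD or mandoc code. `checked_realpath()` and its error codes are hypothetical names chosen for illustration.

```c
#define _XOPEN_SOURCE 700   /* declares realpath() and strnlen() */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096       /* assumed fallback where limits.h omits it */
#endif

/*
 * checked_realpath() is a hypothetical helper, not a libc or mandoc function.
 * Resolves `path` into out[outlen]; returns 0, or -1 with errno set.
 */
int checked_realpath(const char *path, char *out, size_t outlen)
{
    char buf[PATH_MAX];     /* destination is always PATH_MAX bytes */
    size_t n;

    if (path == NULL || out == NULL || outlen == 0) {
        errno = EINVAL;
        return -1;
    }
    /* Refuse over-long input before any realpath() implementation sees it. */
    if (strnlen(path, PATH_MAX) >= PATH_MAX) {
        errno = ENAMETOOLONG;
        return -1;
    }
    if (realpath(path, buf) == NULL)
        return -1;          /* errno was set by realpath() */
    n = strlen(buf);
    if (n >= outlen) {      /* caller's buffer cannot hold the result */
        errno = ERANGE;
        return -1;
    }
    memcpy(out, buf, n + 1);
    return 0;
}

int main(int argc, char **argv)
{
    char out[PATH_MAX];

    if (checked_realpath(argc > 1 ? argv[1] : ".", out, sizeof out) != 0) {
        perror("checked_realpath");
        return 1;
    }
    puts(out);
    return 0;
}
```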

