From owner-freebsd-audit Fri Mar 2 10:30:46 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id D6BB037B718 for ; Fri, 2 Mar 2001 10:30:43 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f22IUed58587; Fri, 2 Mar 2001 11:30:40 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103021830.f22IUed58587@harmony.village.org> To: "Jacques A. Vidrine" Subject: Re: PATH_MAX vs MAXPATHLEN Cc: audit@freebsd.org In-reply-to: Your message of "Fri, 02 Mar 2001 12:25:02 CST." <20010302122502.B63024@hamlet.nectar.com> References: <20010302122502.B63024@hamlet.nectar.com> <20010302115105.A63024@hamlet.nectar.com> <200103020206.f2226Md53114@harmony.village.org> <20010302115105.A63024@hamlet.nectar.com> <200103021814.f22IE3d58463@harmony.village.org> <200103020206.f2226Md53114@harmony.village.org> Date: Fri, 02 Mar 2001 11:30:40 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20010302122502.B63024@hamlet.nectar.com> "Jacques A. Vidrine" writes: : Here, you've changed p_path from MAXPATHLEN+1 to PATH_MAX (in another : chunk below), so the comparison should now be (strlen(target) >= PATH_MAX). : : I haven't looked carefully, but this probably has the same issue. Yes. I've changed both of these to use strlcpy or check as appropriate. : Same issue: should now be (n > PATH_MAX). I think that's right. : > @@ -961,7 +961,7 @@ : > return NULL; : > } : > #endif : > - REALLOC(file, filesz, MAXPATHLEN + 1, NULL); : > + REALLOC(file, filesz, PATH_MAX, NULL); : > for (n = 0; *ibufp != '\n';) : > file[n++] = *ibufp++; : > file[n] = '\0'; : : Et cetera... basically one byte less is getting allocated here and : there, but the length checks have not been updated to reflect this. But there are no length tests with the REALLOC stuff. But I'll go back to the original source and take a look to be sure. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message