[pacman-dev] [PATCH] Prevent stack overflow on symbolic link access.
Allan McRae
allan at archlinux.org
Thu Jun 9 05:43:11 UTC 2016
On 07/06/16 04:27, Tobias Stoeckmann wrote:
> On Mon, Jun 06, 2016 at 01:27:52AM -0400, Andrew Gregory wrote:
>> Since we're already talking about unlikely scenarios... My reading of
>> readlink(2) and readlink(3p) suggest this might still run into
>> problems on oddly configured systems. POSIX leaves up to the
>> implementation what happens if bufsize > SSIZE_MAX and nothing
>> guarantees that PATH_MAX is less than SSIZE_MAX.
>
> That is true, in fact we would have to check if PATH_MAX is defined
> at all. If it's not there, we actually would have to call path_conf
> to figure it out. And even then it might be -1 to show that we really
> have no limits at all.
>
> But on the bright side, "currently" this is proven by reality to be
> no issue, after all nobody filed a bug report for his system, that
> pacman does not compile. ;)
Because we do check for PATH_MAX and then define it!
configure.ac:PATH_MAX_DEFINED
More information about the pacman-dev
mailing list