freebsd-skq/lib/libc/stdlib
kib a7a1762082 Fix several buffer overflows in realpath(3).
- The statement "left_len -= s - left;" does not take the slash into
  account if one was found. This results in the invariant
  "left[left_len] == '\0'" being violated (and possible buffer
  overflows). The patch replaces the variable "s" with a size_t
  "next_token_len" for more clarity.
- "slen" from readlink(2) can be 0 when encountering empty
  symlinks. Then, further down, "symlink[slen - 1]" underflows the
  buffer. When slen == 0, realpath(3) should probably return ENOENT
  (http://austingroupbugs.net/view.php?id=825,
  https://lwn.net/Articles/551224/).

Some other minor issues:
- The condition "resolved_len >= PATH_MAX" cannot be true.
- Similarly, "s - left >= sizeof(next_token)" cannot be true, as long
  as "sizeof(next_token) >= sizeof(left)".
- Return ENAMETOOLONG when a resolved symlink from readlink(2) is too
  long for the symlink buffer (instead of just truncating it).
- "resolved_len > 1" below the call to readlink(2) is always true as
  "strlcat(resolved, next_token, PATH_MAX);" always results in a
  string of length > 1. Also, "resolved[resolved_len - 1] = '\0';" is
  not needed; there can never be a trailing slash here.
- The truncation check for "strlcat(symlink, left, sizeof(symlink));"
  should be against "sizeof(symlink)" (the third argument to strlcat)
  instead of "sizeof(left)".

Submitted by:	Jan Kokemüller <jan.kokemueller@gmail.com>
PR:	219154
MFC after:	2 weeks
2017-05-15 17:14:53 +00:00
..
jemalloc Replace dot-dot relative pathing with SRCTOP-relative paths where possible 2017-01-20 03:23:24 +00:00
_Exit.c
a64l.3 use .Mt to mark up email addresses consistently (part4) 2014-06-23 08:25:03 +00:00
a64l.c
abort.3
abort.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
abs.3
abs.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
alloca.3
at_quick_exit.3
atexit.3 Various mdoc fixes and a few EOL whitespace removals. 2014-12-21 12:36:36 +00:00
atexit.c Remove names from prototypes 2015-09-20 20:15:44 +00:00
atexit.h
atof.3
atof.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
atoi.3
atoi.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
atol.3
atol.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
atoll.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
bsearch_b.c Add support for some block functions that come from OS X. These are 2014-04-02 16:07:48 +00:00
bsearch.3
bsearch.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
cxa_thread_atexit_impl.c Export __cxa_thread_atexit_impl as an alias for __cxa_thread_atexit. 2017-01-07 16:05:19 +00:00
cxa_thread_atexit.c Export __cxa_thread_atexit_impl as an alias for __cxa_thread_atexit. 2017-01-07 16:05:19 +00:00
div.3
div.c Don't use fixup for C99 and up, the compiler result is already correct. 2016-06-01 10:14:25 +00:00
exit.3 Various mdoc fixes and a few EOL whitespace removals. 2014-12-21 12:36:36 +00:00
exit.c Add __cxa_thread_atexit(3) API implementation. 2016-08-06 13:32:40 +00:00
getenv.3
getenv.c Minor libc cleanup: let calloc(3) do the multiplication. 2017-03-13 04:14:03 +00:00
getopt_long.3 getopt_long.3: wording quibbles 2013-12-13 21:50:03 +00:00
getopt_long.c Merge intermediate OpenBSD v1.25 changes (almost identical to ours) 2014-06-22 21:54:57 +00:00
getopt.3 [mdoc] Fix previous change. 2014-07-08 12:19:34 +00:00
getopt.c getopt(3): recognize option:: as GNU extension for "optional options". 2014-06-22 20:13:57 +00:00
getsubopt.3
getsubopt.c ANSI-fy prototype. 2014-01-14 01:52:34 +00:00
hcreate_r.c Replace implementation of hsearch() by one that scales. 2015-12-27 07:50:11 +00:00
hcreate.3 hcreate(3): fix the ERRORS section and bump .Dd 2017-02-07 02:32:49 +00:00
hcreate.c Replace implementation of hsearch() by one that scales. 2015-12-27 07:50:11 +00:00
hdestroy_r.c Replace implementation of hsearch() by one that scales. 2015-12-27 07:50:11 +00:00
heapsort_b.c Add support for some block functions that come from OS X. These are 2014-04-02 16:07:48 +00:00
heapsort.c libc: spelling fixes. 2016-04-30 01:24:24 +00:00
hsearch_r.c Replace implementation of hsearch() by one that scales. 2015-12-27 07:50:11 +00:00
hsearch.h Replace implementation of hsearch() by one that scales. 2015-12-27 07:50:11 +00:00
imaxabs.3
imaxabs.c
imaxdiv.3
imaxdiv.c Don't use fixup for C99 and up, the compiler result is already correct. 2016-06-01 10:14:25 +00:00
insque.3
insque.c
l64a.c Let l64a() properly null terminate its result. 2016-05-26 20:55:15 +00:00
labs.3
labs.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
ldiv.3
ldiv.c Don't use fixup for C99 and up, the compiler result is already correct. 2016-06-01 10:14:25 +00:00
llabs.3
llabs.c
lldiv.3
lldiv.c Don't use fixup for C99 and up, the compiler result is already correct. 2016-06-01 10:14:25 +00:00
lsearch.3 Fix markup on "\n" in printf so it renders correctly. 2016-04-17 18:25:34 +00:00
lsearch.c Use the __DECONST macro rather than hand rolling the same thing. 2014-10-24 23:25:44 +00:00
Makefile.inc Implement the memset_s(3) function as specified by the C11 ISO/IEC 2017-03-30 04:57:26 +00:00
memory.3
merge.c Remove names from prototypes 2015-09-20 20:15:44 +00:00
mergesort_b.c Add support for some block functions that come from OS X. These are 2014-04-02 16:07:48 +00:00
ptsname.3
ptsname.c
qsort_r.c Silence a warning with GCC that was breaking the build with Juniper's GCC. 2014-04-05 08:17:48 +00:00
qsort.3 Fixed indentation, minor style. 2016-04-18 09:56:41 +00:00
qsort.c Use ANSI C prototypes. Eliminates -Wold-style-definition warnings. 2015-09-20 20:24:28 +00:00
quick_exit.3 Fix quick_exit(3) manual page to match reality - the status was missing. 2014-12-13 21:13:28 +00:00
quick_exit.c
radixsort.3
radixsort.c Use ANSI C prototypes. 2015-09-14 18:44:13 +00:00
rand.3
rand.c 1) Unifdef USE_WEAK_SEEDING since it is too obsolete to support and makes 2016-05-29 13:57:06 +00:00
random.3 Fix typing of srandom() and initstate(). 2016-07-26 20:11:29 +00:00
random.c Add comment on use of abort() in libc 2016-10-12 13:56:14 +00:00
reallocarray.3 Fix major copy/paste and other style errors. 2015-05-05 10:44:17 +00:00
reallocarray.c Import reallocarray(3) from OpenBSD 2015-05-01 18:32:16 +00:00
reallocf.3
reallocf.c
realpath.3
realpath.c Fix several buffer overflows in realpath(3). 2017-05-15 17:14:53 +00:00
remque.c
set_constraint_handler_s.c Implement the memset_s(3) function as specified by the C11 ISO/IEC 2017-03-30 04:57:26 +00:00
strfmon.3 use .Mt to mark up email addresses consistently (part4) 2014-06-23 08:25:03 +00:00
strfmon.c libc: spelling fixes. 2016-04-30 01:24:24 +00:00
strtod.3
strtoimax.c
strtol.3
strtol.c
strtoll.c
strtonum.3
strtonum.c Minor style tweaks. 2014-08-13 03:44:30 +00:00
strtoq.c
strtoul.3
strtoul.c
strtoull.c
strtoumax.c
strtouq.c
Symbol.map Implement the memset_s(3) function as specified by the C11 ISO/IEC 2017-03-30 04:57:26 +00:00
system.3 Document the fact that system(3) can easily be misused due to shell meta 2015-07-25 00:21:29 +00:00
system.c Switch libc from using _sig{procmask,action,suspend} symbols, which 2015-08-29 14:25:01 +00:00
tdelete.c Improve typing of POSIX search tree functions. 2016-10-13 18:25:40 +00:00
tfind.c Improve typing of POSIX search tree functions. 2016-10-13 18:25:40 +00:00
tsearch_path.h Let tsearch()/tdelete() use an AVL tree. 2015-12-22 18:12:11 +00:00
tsearch.3 Improve phrasing of the STANDARDS section. 2016-10-15 08:09:55 +00:00
tsearch.c Improve typing of POSIX search tree functions. 2016-10-13 18:25:40 +00:00
twalk.c Improve typing of POSIX search tree functions. 2016-10-13 18:25:40 +00:00