[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: mp4h: Strange? segfault problem
From: |
Svante Signell |
Subject: |
Re: mp4h: Strange? segfault problem |
Date: |
Thu, 29 Dec 2011 08:46:22 +0100 |
On Wed, 2011-12-28 at 22:01 +0100, Samuel Thibault wrote:
> Svante Signell, le Wed 28 Dec 2011 11:26:37 +0100, a écrit :
> > On Wed, 2011-12-28 at 10:33 +0100, Samuel Thibault wrote:
> > > Svante Signell, le Wed 28 Dec 2011 10:17:24 +0100, a écrit :
> >
> > Ok, this comparison was maybe not the best. The main problem remains,
> > for Hurd, how can a too short path string overwrite the environment
> > vector of strings?
>
> Because the environment is just after main's arguments.
The conclusion still holds: realpath is potentially dangerous, it should
either be used with a resolved_path length of PATH_MAX=4096, if defined
or NULL, if not defined. An argument of NULL is equivalent to using
canonicalize_file_name (if _GNU_SOURCE is defined)