Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
From: Paul Pluzhnikov
Date: Mon, 09 Apr 2018 23:02:00 -0000
Subject: [patch] Fix path length overflow in realpath (BZ#22786)
To: GLIBC Devel

Greetings,

Attached is a trivial fix, and a test case.

Thanks,

2018-04-09  Paul Pluzhnikov

	[BZ #22786]
	* stdlib/canonicalize.c (__realpath): Fix overflow in path length
	computation.
	* stdlib/Makefile (test-bz22786): New test.
	* stdlib/test-bz22786.c: New test.

--
Paul Pluzhnikov

[Attachment: glibc-bz22786-20180409.txt (text/plain, base64-encoded)]
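The overflow named in the ChangeLog entry, as an added example that is not part of the original message or of glibc. It contrasts the two forms of the length check found in the attachment's canonicalize.c hunk once decoded, `(long int) (n + len) >= path_max` and `path_max - n <= len`, on a modelled 32-bit target; the function names, the fixed-width types and the sample values are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Added illustration, not glibc code.  A 32-bit target is modelled with
   fixed-width types: size_t -> uint32_t, long int -> int32_t.  */

/* "Add, then cast" check; returns 1 when the path is rejected.  */
static int rejects_sum_cast(uint32_t n, uint32_t len, int32_t path_max)
{
    /* n + len is unsigned and wraps modulo 2^32.  Above INT32_MAX the
       cast gives a negative value on two's-complement compilers (the
       conversion is implementation-defined), so the test is false.  */
    return (int32_t)(n + len) >= path_max;
}

/* Subtraction check; returns 1 when the path is rejected.  Assumes
   n <= path_max, i.e. n counts bytes already held in the buffer.  */
static int rejects_subtract(uint32_t n, uint32_t len, int32_t path_max)
{
    return (uint32_t)path_max - n <= len;
}

/* Constructed inputs: n bytes already stored, len bytes to append.  */
struct sample { uint32_t n, len; };
static const struct sample samples[] = {
    { 10, 20 },           /* fits */
    { 96, 3999 },         /* one byte below the limit */
    { 96, 4000 },         /* exactly at the limit */
    { 10, 5000 },         /* plainly too long */
    { 1, 0x7fffffffu },   /* sum 0x80000000: negative after the cast */
    { 16, 0xfffffff0u },  /* sum wraps to 0 */
};

/* Samples the first check accepts although the second rejects them.  */
static int missed_by_sum_cast(int32_t path_max)
{
    int missed = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (!rejects_sum_cast(samples[i].n, samples[i].len, path_max)
            && rejects_subtract(samples[i].n, samples[i].len, path_max))
            missed++;
    return missed;
}

int main(void)
{
    printf("over-long inputs accepted: %d\n", missed_by_sum_cast(4096));
    return 0;
}
```

For in-range lengths the two checks agree; they diverge only once `n + len` no longer fits the signed type, which is the case the new test file is named for.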