safety fix for glob's vla usage: disallow patterns longer than PATH_MAX · 0dc99ac413 - Gogs

Pārlūkot izejas kodu

safety fix for glob's vla usage: disallow patterns longer than PATH_MAX

this actually inadvertently disallows some valid patterns with
redundant / or * characters, but it's better than allowing unbounded
vla allocation.

eventually i'll write code to move the pattern to the stack and
eliminate redundancy to ensure that it fits in PATH_MAX at the
beginning of glob. this would also allow it to be modified in place
for passing to fnmatch rather than copied at each level of recursion.

Rich Felker 14 gadi atpakaļ

vecāks

a6c399cf62

revīzija

0dc99ac413

1 mainītis faili ar 2 papildinājumiem un 0 dzēšanām

Dalītais skats Rādīt salīdzināšanas statistiku

						
							+ 2
							
							- 0
						
src/regex/glob.c
							 
								Parādīt failu
							
				@@ -171,6 +171,8 @@ int glob(const char *pat, int flags, int (*errfunc)(const char *path, int err),
			
				 		d = "";
			
				 	}
			
				+	if (strlen(p) > PATH_MAX) return GLOB_NOSPACE;
			
				+
			
				 	if (!errfunc) errfunc = ignore_err;
			
				 	if (!(flags & GLOB_APPEND)) {