On Wed, Nov 30, 2016 at 5:52 PM, Denys Vlasenko <[email protected]> wrote: > On Wed, Nov 30, 2016 at 3:46 AM, Daniel Sabogal <[email protected]> wrote: >> The following commands cause busybox to segfault on musl-based systems. >> >> $ install -D a / >> $ install -D a /b >> $ install -D a /b/ >> >> This happens because the code in >> >> https://git.busybox.net/busybox/tree/coreutils/install.c?h=1_25_1#n196 >> >> passes the result of dirname() to bb_make_directory() which modifies its >> contents. For paths of the above forms, musl's dirname returns a string >> literal "/" which shouldn't be modified. >> >> See http://git.musl-libc.org/cgit/musl/tree/src/misc/dirname.c >> >> There are a few other occurrences of the code shown above, but I've not >> checked to see if they could be made to segfault. > > Does this fix the problem? > > /* Bypass leading non-'/'s and then subsequent '/'s */ > while (*s) { > if (*s == '/') { > do { > ++s; > } while (*s == '/'); > c = *s; /* Save the current char */ > ====added line==> if (c) > *s = '\0'; /* and > replace it with nul */ > break;
This does prevent the segfault, but I'm not sure if depending on being able to modify the result of dirname() is reliable. _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
