Oops. This was pretty ugly. I narrowed the buffer, but still used umaxtostr. I noticed because it provoked a test failure on an older kernel: 2.6.18-194. I.e., this would fail:
make check -C tests TESTS=ls/stat-failed VERBOSE=yes And this appeared in the log: + diff -u - exp --- - 2010-06-10 11:45:05.018351899 -0400 +++ exp 2010-06-10 11:45:05.000000000 -0400 @@ -1,3 +1,2 @@ -d: total 0 ?????????? ? ? ? s >From 4a6aac042d74defff2f224b1e538c280c02bb5a8 Mon Sep 17 00:00:00 2001 From: Jim Meyering <[email protected]> Date: Thu, 10 Jun 2010 17:49:30 +0200 Subject: [PATCH] ls: avoid buffer overrun * src/ls.c (gobble_file): Revert part of my preceding change, to avoid clobbering stack. --- src/ls.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/ls.c b/src/ls.c index 4e0a036..668507e 100644 --- a/src/ls.c +++ b/src/ls.c @@ -2986,7 +2986,7 @@ gobble_file (char const *name, enum filetype type, ino_t inode, if (format == long_format) { - char b[INT_BUFSIZE_BOUND (f->stat.st_nlink)]; + char b[INT_BUFSIZE_BOUND (uintmax_t)]; int b_len = strlen (umaxtostr (f->stat.st_nlink, b)); if (nlink_width < b_len) nlink_width = b_len; -- 1.7.1.501.g23b46
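Review bot: the declaration `char b[INT_BUFSIZE_BOUND (uintmax_t)];` in gobble_file is only correct because the very next line hands `b` to `umaxtostr`, and nothing in the code records that coupling. Sizing the buffer from the operand's type, `INT_BUFSIZE_BOUND (f->stat.st_nlink)`, looks like a harmless tightening, which is how the reverted line got in. A short comment above the declaration saying that the buffer is sized for `umaxtostr` and not for `st_nlink` would help, as would a compile-time check that `sizeof b` is at least `INT_BUFSIZE_BOUND (uintmax_t)`. Either would make a future narrowing fail at review or build time instead of depending on `tests/ls/stat-failed` happening to trip on a particular kernel. The commit message could also state that the overrun comes from the mismatch between the buffer's size and the conversion function, so the reason for keeping the wider bound is findable from the log.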
