On 02/08/2012 03:13 AM, Pádraig Brady wrote:

>> From d1f3998942236194f1894c45804ec947d07ed134 Mon Sep 17 00:00:00 2001
>> From: Eric Blake <[email protected]>
>> Date: Sat, 4 Feb 2012 11:11:40 -0700
>> Subject: [PATCH] canonicalize: avoid uninitialized memory use
>>
>> When DOUBLE_SLASH_IS_DISTINCT_ROOT is non-zero, then we were
>> reading the contents of rpath[1] even when we had never written
>> anything there, which meant that "///" would usually canonicalize
>> to "/" but sometimes to "//" if a '/' was leftover in the heap.
>> This condition could also occur via 'ln -s / //some/path' and
>> canonicalizing //some/path, where we rewind rpath but do not
>> clear out the previous round.  Platforms where "//" and "/" are
>> equivalent do not suffer from this read-beyond-written bounds.
>>

> 
> Thanks for handling this Eric.

No problem.

> I was wondering if you had seen this and what overlap there is?
> http://lists.gnu.org/archive/html/bug-gnulib/2012-01/msg00253.html

I saw it go by, but never looked at it closely. I guess it's time to
revive that thread, although it may need rebasing now.

-- 
Eric Blake   [email protected]    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
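
The "///" case from the quoted commit message, as an added example that is not part of this thread or of gnulib's source: a simplified model of the pattern, with hypothetical function names, covering only names made purely of slashes. The buffer is pre-filled with a constructed byte that stands in for leftover heap contents, so the effect is reproducible.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the root-prefix step on a platform where "//" is a
   distinct root. Hypothetical names, not gnulib's canonicalize source.
   Only names made purely of slashes ("//", "///") are modelled. */
typedef void (*root_fn)(const char *name, char *rpath);

/* 'Before' pattern: rpath[1] is written only for exactly two slashes,
   yet the final check reads it unconditionally. */
static void root_unsafe(const char *name, char *rpath)
{
    rpath[0] = '/';
    if (name[1] == '/' && name[2] != '/')
        rpath[1] = '/';
    char *dest = rpath + 1;
    if (*dest == '/')            /* for "///" this byte was never written */
        dest++;
    *dest = '\0';
}

/* Hardened pattern: rpath[1] always gets a defined value before the read. */
static void root_safe(const char *name, char *rpath)
{
    rpath[0] = '/';
    rpath[1] = (name[1] == '/' && name[2] != '/') ? '/' : '\0';
    char *dest = rpath + 1;
    if (*dest == '/')
        dest++;
    *dest = '\0';
}

/* Pre-fill the buffer with `stale` (constructed stand-in for leftover heap
   contents), run one variant, and report whether it produced `expect`. */
static int yields(root_fn fn, const char *name, char stale, const char *expect)
{
    char buf[8];
    memset(buf, stale, sizeof buf);
    fn(name, buf);
    return strcmp(buf, expect) == 0;
}

int main(void)
{
    printf("unsafe, clean heap:  %d\n", yields(root_unsafe, "///", 'X', "/"));
    printf("unsafe, stale '/':   %d\n", yields(root_unsafe, "///", '/', "//"));
    printf("safe,   stale '/':   %d\n", yields(root_safe, "///", '/', "/"));
    return 0;
}
```

When the buffer comes straight from the heap without being filled first, Valgrind's memcheck or MemorySanitizer reports the branch on the unwritten byte.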
