https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229433
Bug ID: 229433
Summary: overflow at realpath()
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
File:
https://github.com/freebsd/freebsd/blob/master/contrib/mdocml/mandocdb.c#L613
i.e
if (realpath(path, buf) == NULL) {
This function does not protect against buffer overflows, and some
implementations can overflow internally.
Ensure that the destination buffer is at least of size MAXPATHLEN, andto
protect against implementation problems, the input argument should also be
checked to
ensure it is no larger than MAXPATHLEN.
realpath() output buffers should be large enough to handle the maximum-size
possible result from path manipulation functions, at least of size PATH_MAX
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
