https://bugs.kde.org/show_bug.cgi?id=515612
Mark Wielaard <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|ASSIGNED |RESOLVED --- Comment #3 from Mark Wielaard <[email protected]> --- (In reply to Paul Floyd from comment #2) > OK on FreeBSD 15, illumos latest and macOS 12. Thanks for testing. Pushed as: commit 6a0735f3eaf12397814267c6f9a9aada36418f96 Author: Mark Wielaard <[email protected]> Date: Fri Feb 6 13:57:24 2026 +0100 Sanity check VG_(realpath) and VG_(readlink) return values When VG_(realpath) calls VG_(readlink) it failed to check if VG_(readlink) succeeds, possibly writing to tmp[-1] (on the stack). It also didn't check the getcwd syscall succeeded, which would cause the resolved name to start with undefined bits (from the stack). VG_(data_size) was using too small a (stack) buffer for the VG_(realpath) call and didn't check whether the call actually succeeded. At startup initimg-{darwin,freebsd,linux,solaris} also didn't check VG_(realpath) would resolve before setting VG_(resolved_exename) to possibly random bits on the stack. Fix that by using the (unresolved) exe_name in those cases. https://bugs.kde.org/show_bug.cgi?id=515612 -- You are receiving this mail because: You are watching all bug changes.
