Commit ID: 1005FBEF923148E008C
CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2020/11/26 00:42:28 UTC
Modified files:
lib/libc/sys : readlink.2
include : unistd.h
sys/kern : init_sysent.c syscalls.c
sys/sys : syscall.h syscallargs.h
usr.bin/readlink: readlink.c
bin/mksh : misc.c
Log message:
• check readlink(2) arg (to avoid TOCTOU race) by doing something like:
char buf[size + 1];
ssize_t n = readlink(fn, buf, sizeof(buf));
if (n == (ssize_t)-1 || n > size) // error
alt. if (n == (ssize_t)-1 || n >= sizeof(buf)) // error
via https://www.hadrons.org/~guillem/debian/ports/porting
• readlink(2) returns ssize_t (per POSIX) while here
To generate a diff of this changeset, execute the following commands:
cvs -R rdiff -kk -upr1.2 -r1.3 src/lib/libc/sys/readlink.2
cvs -R rdiff -kk -upr1.14 -r1.15 src/include/unistd.h
cvs -R rdiff -kk -upr1.10 -r1.11 src/sys/kern/init_sysent.c
cvs -R rdiff -kk -upr1.10 -r1.11 src/sys/kern/syscalls.c
cvs -R rdiff -kk -upr1.10 -r1.11 src/sys/sys/syscall.h
cvs -R rdiff -kk -upr1.10 -r1.11 src/sys/sys/syscallargs.h
cvs -R rdiff -kk -upr1.6 -r1.7 src/usr.bin/readlink/readlink.c
cvs -R rdiff -kk -upr1.302 -r1.303 src/bin/mksh/misc.c
