mirrors/mc
1
0
Fork 0
mirror of https://github.com/MidnightCommander/mc synced 2025-01-03 18:14:25 +03:00
Code Issues Packages Projects Releases Wiki Activity

Ticket #3437: (custom_canonicalize_pathname): fix heap-buffer-overflow.

Browse Source 
Only use strncmp when path has enough room (greater then url_delim_len
size).
Overflow happen when path = './'.

(Found by AddressSanitizer.)

Signed-off-by: Andrew Borodin <aborodin@vmail.ru>
This commit is contained in:
Andreas Mohr 2015-04-11 12:47:52 +03:00 committed by Andrew Borodin
parent c9b07317c3
commit 4821259d85
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/utilunix.c
View File

@ -893,7 +893,7 @@ custom_canonicalize_pathname (char *path, CANON_PATH_FLAGS flags)
p = lpath + strlen (lpath) - 1;
while (p > lpath && IS_PATH_SEP (*p))
{
if (p >= lpath - (url_delim_len + 1)
if (p >= lpath + url_delim_len - 1
&& strncmp (p - url_delim_len + 1, VFS_PATH_URL_DELIMITER, url_delim_len) == 0)
break;
*p-- = 0;