This is the mail archive of the cygwin-patches mailing list for the Cygwin project.
On May 18 20:12, David Stacey wrote:
> This is the first patch resulting from the Coverity Scan analysis of the
> Cygwin source code. The patch fixes Coverity ID 59932. Note that we don't
> have that many bugs in the Cygwin source code - that's just an ID that
> Coverity assigned to this issue. The patch is only a single line, so it
> falls into our definition of 'trivial'.
>
> getusershell(3) returns the next line from the '/etc/shells' file [1]. This
> contains a path to an executable, so it makes sense for 'buf' to contain
> PATH_MAX characters.
>
> Now, the definition of PATH_MAX is the maximum length of the path, including
> the null terminator [2]. So the for() loop should copy PATH_MAX-1
> characters, in order to allow for the null terminator.
>
> However, by copying PATH_MAX characters, there is a possible buffer over-run
> when the null terminator is applied. The patch (attached) corrects this.
>
> Change Log:
> 2014-05-18 David Stacey <...>
>
> * winsup/cygwin/syscalls.cc(getusershell) :
> Fixed theoretical buffer overrun of 'buf' that would occur if
> /etc/shells contained a line longer than 4095 characters.

Thanks, patch applied. Just your ChangeLog needs a bit of work. The
Cygwin dir has its own ChangeLog file so the path should be relative to
that:

    * syscalls.cc (getusershell): ...

Thanks,
Corinna

--
Corinna Vinschen
Cygwin Maintainer
Red Hat
Please, send mails regarding Cygwin to
cygwin AT cygwin DOT com
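The off-by-one discussed in this message, as an added example that is not part of the original mail and is not Cygwin's code: a copy loop bounded by the full buffer size puts the terminator one byte past the buffer, while a bound of size minus one keeps it inside. `copy_entry`, `probe`, `BUFSZ` (a small stand-in for PATH_MAX) and the guard byte are hypothetical names, and the input is read from an in-memory string instead of `/etc/shells`.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define BUFSZ 16        /* small stand-in for PATH_MAX (assumption) */
#define GUARD 0x5a      /* marker byte placed directly after the buffer */

/* Hypothetical reader: store at most max_chars characters of the next
   whitespace-delimited entry of *src, then the terminator.
   Returns the stored length, or -1 when no entry is left. */
static int
copy_entry (const char **src, char *buf, size_t max_chars)
{
  const char *p = *src;
  size_t len = 0;

  while (*p != '\0' && isspace ((unsigned char) *p))
    p++;                            /* skip blank lines and spaces */
  if (*p == '\0')
    return -1;
  for (; *p != '\0' && !isspace ((unsigned char) *p); p++)
    if (len < max_chars)
      buf[len++] = *p;              /* excess characters are dropped */
  buf[len] = '\0';                  /* index max_chars when the entry is long */
  *src = p;
  return (int) len;
}

/* Read the first entry of constructed text into a BUFSZ-byte buffer that is
   followed by one guard byte, so the stray write stays observable and inside
   the array. Returns the entry length, -2 if the guard byte was overwritten,
   -3 if max_chars is out of range for this harness. */
static int
probe (const char *text, size_t max_chars)
{
  char area[BUFSZ + 1];             /* area[BUFSZ] is the guard byte */
  int len;

  if (max_chars > BUFSZ)
    return -3;
  memset (area, GUARD, sizeof area);
  len = copy_entry (&text, area, max_chars);
  return area[BUFSZ] == GUARD ? len : -2;
}
```

Calling `probe` with `BUFSZ` as the bound reproduces the overrun only for entries of `BUFSZ` characters or more, which is why the problem needs an over-long line to appear; with `BUFSZ - 1` the same input is truncated and the guard byte is untouched.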