diff options
author | Eric Blake <eblake@redhat.com> | 2012-02-04 11:11:40 -0700 |
---|---|---|
committer | Eric Blake <eblake@redhat.com> | 2012-02-04 11:41:56 -0700 |
commit | 04b6c2e58486cfb30641633962249753052ba89f (patch) | |
tree | fb6a9e70de049e6dd36224205bc55006c53bf60c /tests/test-lock.c | |
parent | 5eb934dfd78a8ff086ffef87f5d4ec18e2d45cf7 (diff) | |
download | gnulib-04b6c2e58486cfb30641633962249753052ba89f.tar.gz |
canonicalize: avoid uninitialized memory use
When DOUBLE_SLASH_IS_DISTINCT_ROOT is non-zero, then we were
reading the contents of rpath[1] even when we had never written
anything there, which meant that "///" would usually canonicalize
to "/" but sometimes to "//" if a '/' was leftover in the heap.
This condition could also occur via 'ln -s / //some/path' and
canonicalizing //some/path, where we rewind rpath but do not
clear out the previous round. Platforms where "//" and "/" are
equivalent do not suffer from this read-beyond-written bounds.
* lib/canonicalize-lgpl.c (__realpath): Avoid possibility of
random '/' left in dest.
* lib/canonicalize.c (canonicalize_filename_mode): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
Diffstat (limited to 'tests/test-lock.c')
0 files changed, 0 insertions, 0 deletions