ericonr
/
util-linux
mirror of https://github.com/ericonr/util-linux.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

namei: fix buffer overflow 

$ ./namei  /usr/bin/java
 *** glibc detected *** ./namei: free(): invalid next size (fast): 0x00000000018e5070 ***
 [...]
 Aborted

Reported-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
Karel Zak 2009-01-06 14:26:12 +01:00
parent 6db4681802
commit f7ed29a7b6
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
misc-utils/namei.c
View File

@ -197,10 +197,11 @@ readlink_to_namei(struct namei *nm, const char *path)
err(EXIT_FAILURE, _("out of memory?"));
if (*sym != '/') {
/* create the absolute path from the relative symlink */
memcpy(nm->abslink, path, nm->relstart);
*(nm->abslink + nm->relstart) = '/';
nm->relstart++;
memcpy(nm->abslink + nm->relstart, sym, sz);
memcpy(nm->abslink + nm->relstart, sym, sz - nm->relstart);
} else
memcpy(nm->abslink, sym, sz);
nm->abslink[sz] = '\0';