packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

core: Preemptively error out on paths longer than PATH_MAX 

Just noticed this while thinking like an attacker.
This commit is contained in:
Colin Walters 2011-12-22 16:50:01 -05:00
parent 3292dcb6d6
commit 786ce3b560
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/libotutil/ot-unix-utils.c
View File

@ -132,6 +132,13 @@ ot_util_path_split_validate (const char *path,
GPtrArray *ret_components = NULL; GPtrArray *ret_components = NULL;
int i; int i;
if (strlen (path) > PATH_MAX)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Path '%s' is too long", path);
goto out;
}
ret_components = ot_split_string_ptrarray (path, '/'); ret_components = ot_split_string_ptrarray (path, '/');
/* Canonicalize by removing '.' and '', throw an error on .. */ /* Canonicalize by removing '.' and '', throw an error on .. */