[gparted] Use realpath() safely (#764369)
- From: Curtis Gedak <gedakc src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gparted] Use realpath() safely (#764369)
- Date: Thu, 7 Apr 2016 16:39:06 +0000 (UTC)
commit d04826cc27462431b5f43e132c0382e6b6debd6d
Author: Mike Fleetwood <mike fleetwood googlemail com>
Date: Fri Mar 18 16:30:41 2016 +0000
Use realpath() safely (#764369)
realpath(3) manual page says:
BUGS
The POSIX.1-2001 standard version of this function is broken by
design, since it is impossible to determine a suitable size for
the output buffer, resolved_path. According to POSIX.1-2001 a
buffer of size PATH_MAX suffices, but PATH_MAX need not be a
defined constant, and may have to be obtained using pathconf(3).
And asking pathconf(3) does not really help, since, on the one
hand POSIX warns that the result of pathconf(3) may be huge and
unsuitable for mallocing memory, and on the other hand
pathconf(3) may return -1 to signify that PATH_MAX is not
bounded. The resolved_path == NULL feature, not standardized in
POSIX.1-2001, but standardized in POSIX.1-2008, allows this
design problem to be avoided.
The resolved_path == NULL feature of realpath() has existed as a Glibc
extension since realpath() was first added to Glibc 1.90, released in
June 1996. Therefore it can be used unconditionally.
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=fa0bc87c32d02cd81ec4d0ae00e0d943c683e6e1
Bug 764369 - Use realpath() safely
src/DMRaid.cc | 17 +++++++++--------
src/GParted_Core.cc | 13 +++++++++----
src/Proc_Partitions_Info.cc | 13 ++++++++-----
3 files changed, 26 insertions(+), 17 deletions(-)
---
diff --git a/src/DMRaid.cc b/src/DMRaid.cc
index 077831f..a439826 100644
--- a/src/DMRaid.cc
+++ b/src/DMRaid.cc
@@ -17,6 +17,7 @@
#include "../include/DMRaid.h"
#include "../include/Partition.h"
+#include <limits.h>
#include <stdlib.h> //atoi function
namespace GParted
@@ -126,11 +127,11 @@ bool DMRaid::is_dmraid_device( const Glib::ustring & dev_path )
if ( ! device_found && file_test( dev_path, Glib::FILE_TEST_IS_SYMLINK ) )
{
//Path is a symbolic link so find real path
- char c_str[4096+1] ;
- //FIXME: it seems realpath is very unsafe to use (manpage)...
- if ( realpath( dev_path .c_str(), c_str ) != NULL )
+ char * rpath = realpath( dev_path.c_str(), NULL );
+ if ( rpath != NULL )
{
- Glib::ustring tmp_path = c_str ;
+ Glib::ustring tmp_path = rpath;
+ free( rpath );
if ( tmp_path .length() > 0 )
for ( unsigned int k=0; k < dmraid_devices .size(); k++ )
if ( tmp_path .find( dmraid_devices[k] ) !=
Glib::ustring::npos )
@@ -196,11 +197,11 @@ Glib::ustring DMRaid::get_dmraid_name( const Glib::ustring & dev_path )
if ( dmraid_name .empty() && file_test( dev_path, Glib::FILE_TEST_IS_SYMLINK ) )
{
//Path is a symbolic link so find real path
- char c_str[4096+1] ;
- //FIXME: it seems realpath is very unsafe to use (manpage)...
- if( realpath( dev_path .c_str(), c_str ) != NULL )
+ char * rpath = realpath( dev_path.c_str(), NULL );
+ if ( rpath != NULL )
{
- Glib::ustring tmp_path = c_str ;
+ Glib::ustring tmp_path = rpath;
+ free( rpath );
if ( tmp_path .length() > 0 )
for ( unsigned int k=0; k < dmraid_devices .size(); k++ )
if ( tmp_path .find( dmraid_devices[k] ) !=
Glib::ustring::npos )
diff --git a/src/GParted_Core.cc b/src/GParted_Core.cc
index fb786ef..be6665c 100644
--- a/src/GParted_Core.cc
+++ b/src/GParted_Core.cc
@@ -47,11 +47,14 @@
#include "../include/reiser4.h"
#include "../include/ufs.h"
#include "../include/Copy_Blocks.h"
+
#include <set>
#include <cerrno>
#include <cstring>
#include <sys/types.h>
#include <sys/stat.h>
+#include <limits.h>
+#include <stdlib.h>
#include <unistd.h>
#include <dirent.h>
#include <mntent.h>
@@ -1091,10 +1094,12 @@ void GParted_Core::add_node_and_mountpoint(
// then find real path and add entry too
if ( file_test( node, Glib::FILE_TEST_IS_SYMLINK ) )
{
- char c_str[4096+1] ;
- //FIXME: it seems realpath is very unsafe to use (manpage)...
- if ( realpath( node .c_str(), c_str ) != NULL )
- map[ c_str ] .push_back( mountpoint ) ;
+ char * rpath = realpath( node.c_str(), NULL );
+ if ( rpath != NULL )
+ {
+ map[rpath].push_back( mountpoint );
+ free( rpath );
+ }
}
}
}
diff --git a/src/Proc_Partitions_Info.cc b/src/Proc_Partitions_Info.cc
index f17f689..08d2e92 100644
--- a/src/Proc_Partitions_Info.cc
+++ b/src/Proc_Partitions_Info.cc
@@ -17,6 +17,8 @@
#include "../include/Proc_Partitions_Info.h"
#include <fstream>
+#include <limits.h>
+#include <stdlib.h>
namespace GParted
{
@@ -131,16 +133,17 @@ void Proc_Partitions_Info::load_proc_partitions_info_cache()
line = "/dev/" ;
line += c_str ;
- //FIXME: it seems realpath is very unsafe to use (manpage)...
- if ( file_test( line, Glib::FILE_TEST_EXISTS )
- && realpath( line .c_str(), c_str )
+ char * rpath = NULL;
+ if ( file_test( line, Glib::FILE_TEST_EXISTS )
+ && ( ( rpath = realpath( line.c_str(), NULL ) ) != NULL )
//&& line != c_str
)
{
//Because we can make no assumption about which path libparted will
//detect, we add all combinations.
- alternate_paths_cache[ c_str ] = line ;
- alternate_paths_cache[ line ] = c_str ;
+ alternate_paths_cache[rpath] = line;
+ alternate_paths_cache[line] = rpath;
+ free( rpath );
}
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
