Date: Tue, 9 Dec 2003 15:54:20 +0100 From: dada@sbox.tugraz.at To: freebsd-gnats-submit@FreeBSD.org Subject: bin/60079: realpath(3) accepts zero size symbolic links Message-ID: <20031209155420.owco000444w4g0g4@webmail.tugraz.at> Resent-Message-ID: <200312091500.hB9F0ZsO054986@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 60079 >Category: bin >Synopsis: realpath(3) accepts zero size symbolic links >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 09 07:00:35 PST 2003 >Closed-Date: >Last-Modified: >Originator: Martin Kammerhofer >Release: FreeBSD 4.9-STABLE i386 >Organization: Graz University >Environment: System: FreeBSD Martin.liebt.Susi 4.9-STABLE FreeBSD 4.9-STABLE #0: Thu Nov 20 21:46:53 CET 2003 toor@Martin.liebt.Susi:/usr/obj/usr/src/sys/LEND4 i386 Applies to -current and -stable. >Description: The libc realpath(3) routine accepts zero size symbolic links without returning any error indication. Since namei(9) will never accept such a path this behaviour is misleading and could confuse applications. BTW Revision 1.13 of src/lib/libc/stdlib/realpath.3 needs a MFC. >How-To-Repeat: /var/tmp$ ln -s "" ZEROLINK /var/tmp$ realpath ZEROLINK /var/tmp /var/tmp$ realpath ZEROLINK/vi.recover /var/tmp/vi.recover >Fix: --- src/lib/libc/stdlib/realpath.c.orig Tue Dec 9 12:48:48 2003 +++ src/lib/libc/stdlib/realpath.c Tue Dec 9 12:52:27 2003 @@ -149,11 +149,14 @@ return (NULL); } slen = readlink(resolved, symlink, sizeof(symlink) - 1); - if (slen < 0) + if (slen <= 0) { + if (slen == 0) + errno = ENOENT; return (NULL); + } symlink[slen] = '\0'; if (symlink[0] == '/') { - resolved[1] = 0; + resolved[1] = '\0'; resolved_len = 1; } else if (resolved_len > 1) { /* Strip the last path component. */ >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031209155420.owco000444w4g0g4>