mirror/patch
1
0
Fork 0
mirror of https://https.git.savannah.gnu.org/git/patch.git synced 2026-01-27 18:05:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix implausible overflow when reading symlinks

Browse Source 
* src/safe.c (read_symlink): Check for integer overflow
in bufferi size calculation.
This commit is contained in:
Paul Eggert 2024-09-09 16:01:42 -07:00
parent 5e84bda3ff
commit fe8ffd9ba4
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/safe.c
View File

@ -317,7 +317,10 @@ static struct symlink *read_symlink(int dirfd, const char *name)
errno = saved_errno;
return nullptr;
}
symlink = xmalloc (sizeof (*symlink) + st.st_size + 1);
idx_t symlinksize;
if (ckd_add (&symlinksize, st.st_size, 1 + sizeof *symlink))
xalloc_die ();
symlink = ximalloc (symlinksize);
buffer = (char *)(symlink + 1);
ret = readlinkat (dirfd, name, buffer, st.st_size);
if (ret <= 0)