Re: bug#10472: [PATCH] canonicalize: fix // handling

Sat, 04 Feb 2012 09:59:39 -0800 

On 02/04/2012 09:56 AM, Eric Blake wrote:
> On Cygwin, and other platforms where // is detected as distinct
> from / at configure time, the canonicalize routines were incorrectly
> treating all instances of multiple leading slashes as //.
> See also coreutils bug http://debbugs.gnu.org/10472
> 
> * lib/canonicalize.c (canonicalize_filename_mode): Don't convert
> /// to //, since only // is special.
> 

> +++ b/lib/canonicalize.c
> @@ -145,7 +145,7 @@ canonicalize_filename_mode (const char *name, 
> canonicalize_mode_t can_mode)
>        rname_limit = rname + PATH_MAX;
>        rname[0] = '/';
>        dest = rname + 1;
> -      if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/')
> +      if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/' && name[2] != '/')
>          *dest++ = '/';

This never initializes rname[1] if name is "///",

> @@ -295,7 +296,8 @@ canonicalize_filename_mode (const char *name, 
> canonicalize_mode_t can_mode)
>      }
>    if (dest > rname + 1 && dest[-1] == '/')
>      --dest;
> -  if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1 && *dest == '/')
> +  if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1
> +      && *dest == '/' && dest[1] != '/')
>      dest++;

which meant this was reading uninitialized memory, and depending on what
was in the heap, might canonicalize "///" to "/" or "//".  I'm pushing
this additional fix to both files:

diff --git i/lib/canonicalize-lgpl.c w/lib/canonicalize-lgpl.c
index a61bef9..08e76fe 100644
--- i/lib/canonicalize-lgpl.c
+++ w/lib/canonicalize-lgpl.c
@@ -158,6 +158,7 @@ __realpath (const char *name, char *resolved)
       dest = rpath + 1;
       if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/' && name[2] !=
'/')
         *dest++ = '/';
+      *dest = '\0';
     }

   for (start = end = name; *start; start = end)
diff --git i/lib/canonicalize.c w/lib/canonicalize.c
index ed094b7..2c73094 100644
--- i/lib/canonicalize.c
+++ w/lib/canonicalize.c
@@ -147,6 +147,7 @@ canonicalize_filename_mode (const char *name,
canonicalize_mode_t can_mode)
       dest = rname + 1;
       if (DOUBLE_SLASH_IS_DISTINCT_ROOT && name[1] == '/' && name[2] !=
'/')
         *dest++ = '/';
+      *dest = '\0';
     }

   for (start = name; *start; start = end)


-- 
Eric Blake   ebl...@redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to