On 12/29/20 5:21 PM, Paul Eggert wrote:
I installed the attached patch into Gnulib to fix the bug in a way I hope is better.
Unfortunately that patch didn't correctly treat size-calculation overflow like other out-of-memory situations. I installed the attached further patch into Gnulib.
>From 649e713c1e5452204253cb1029ea22c1b6effa2e Mon Sep 17 00:00:00 2001
From: Paul Eggert <egg...@cs.ucla.edu>
Date: Tue, 29 Dec 2020 19:34:59 -0800
Subject: [PATCH] canonicalize: fix size overflow treatment

This also has some minor cleanups.
* lib/canonicalize-lgpl.c, lib/canonicalize.c: No need to include
stddef.h, since the code no longer refers directly to ptrdiff_t.
* lib/canonicalize-lgpl.c (realpath_stk):
* lib/canonicalize.c (canonicalize_filename_mode_stk):
Treat size overflow like other out-of-memory.
* lib/canonicalize.c: No need to include stdlib.h, since
the code no longer refers to stdlib.h functions (other
than those that canonicalize.h must declare).
* lib/canonicalize.c (canonicalize_filename_mode_stk):
Do not bother terminating the string result on error.
---
 ChangeLog               | 15 +++++++++++++++
 lib/canonicalize-lgpl.c |  6 +-----
 lib/canonicalize.c      |  9 ++-------
 3 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index cca14c910..2af7a42c7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2020-12-29  Paul Eggert  <egg...@cs.ucla.edu>
+
+	canonicalize: fix size overflow treatment
+	This also has some minor cleanups.
+	* lib/canonicalize-lgpl.c, lib/canonicalize.c: No need to include
+	stddef.h, since the code no longer refers directly to ptrdiff_t.
+	* lib/canonicalize-lgpl.c (realpath_stk):
+	* lib/canonicalize.c (canonicalize_filename_mode_stk):
+	Treat size overflow like other out-of-memory.
+	* lib/canonicalize.c: No need to include stdlib.h, since
+	the code no longer refers to stdlib.h functions (other
+	than those that canonicalize.h must declare).
+	* lib/canonicalize.c (canonicalize_filename_mode_stk):
+	Do not bother terminating the string result on error.
+
 2020-12-29  Bruno Haible  <br...@clisp.org>
 
 	list-c++, [o]map-c++, [o]set-c++: Fix conflict with 'free-posix' module.
diff --git a/lib/canonicalize-lgpl.c b/lib/canonicalize-lgpl.c
index e8b10f0e7..01b06322d 100644
--- a/lib/canonicalize-lgpl.c
+++ b/lib/canonicalize-lgpl.c
@@ -32,7 +32,6 @@
 #include <fcntl.h>
 #include <limits.h>
 #include <stdbool.h>
-#include <stddef.h>
 #include <string.h>
 #include <sys/stat.h>
 #include <unistd.h>
@@ -345,10 +344,7 @@ realpath_stk (const char *name, char *resolved,
                 end_idx = end - extra_buf;
               size_t len = strlen (end);
               if (NARROW_ADDRESSES && INT_ADD_OVERFLOW (len, n))
-                {
-                  __set_errno (ENOMEM);
-                  goto error;
-                }
+                goto error_nomem;
               while (extra_buffer.length <= len + n)
                 {
                   if (!scratch_buffer_grow_preserve (&extra_buffer))
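Review bot: The new `goto error_nomem;` jumps to a label outside this hunk, so the hunk alone does not show that errno is still set to ENOMEM before the shared cleanup runs; presumably `error_nomem:` does `__set_errno (ENOMEM)` and falls through to `error:`, but that should be confirmed, since realpath callers read errno after a NULL return and the removed lines set it explicitly. A short comment on the new line would keep that contract visible at the jump site: `goto error_nomem; /* errno = ENOMEM, then shared cleanup */`. realpath_stk begins and ends outside this hunk.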
diff --git a/lib/canonicalize.c b/lib/canonicalize.c
index eee3dbee6..26066831c 100644
--- a/lib/canonicalize.c
+++ b/lib/canonicalize.c
@@ -21,8 +21,6 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <stdbool.h>
-#include <stddef.h>
-#include <stdlib.h>
 #include <string.h>
 #include <sys/stat.h>
 #include <unistd.h>
@@ -396,10 +394,7 @@ canonicalize_filename_mode_stk (const char *name, canonicalize_mode_t can_mode,
                 end_idx = end - extra_buf;
               size_t len = strlen (end);
               if (NARROW_ADDRESSES && INT_ADD_OVERFLOW (len, n))
-                {
-                  errno = ENOMEM;
-                  goto error;
-                }
+                xalloc_die ();
               while (extra_buffer.length <= len + n)
                 {
                   if (!scratch_buffer_grow_preserve (&extra_buffer))
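Review bot: The `xalloc_die ()` inserted on the overflow branch never returns, so the `ht` and `extra_buffer` cleanup under `error:` is skipped for this case; that is only acceptable because xalloc_die terminates the process, which nothing in this hunk shows, and it changes the function's behaviour here from "return NULL with errno = ENOMEM" to termination. If that is the intended policy (presumably matching the scratch_buffer_grow_preserve failure branch that follows, outside the hunk), a one-line comment would stop the next reader from reading the skipped cleanup as a leak: `xalloc_die (); /* does not return; size overflow is an allocation failure */`. canonicalize_filename_mode_stk begins and ends outside this hunk.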
@@ -461,7 +456,6 @@ canonicalize_filename_mode_stk (const char *name, canonicalize_mode_t can_mode,
   failed = false;
 
 error:
-  *dest++ = '\0';
   if (ht)
     hash_free (ht);
   scratch_buffer_free (&extra_buffer);
@@ -473,6 +467,7 @@ error:
       return NULL;
     }
 
+  *dest++ = '\0';
   char *result = scratch_buffer_dupfree (rname_buf, dest - rname);
   if (!result)
     xalloc_die ();
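Review bot: Moving `*dest++ = '\0';` below the failure return means the result is NUL-terminated only on the success path, and the length passed to scratch_buffer_dupfree, `dest - rname`, now includes that terminator only there; a reader of the `error:` label will no longer see any termination and may assume it was lost. A comment at the new location would record the intent: `/* Terminate only on success; the failure path above returns NULL and never uses the buffer.  */`. Whether the failure path releases rname_buf is not visible in this hunk and should be checked, since the buffer is now returned unterminated from that path.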
-- 
2.27.0
