control: reassign -1 manpages-dev control: fixed -1 manpages-dev/4.0.5 control: close -1 manpages-dev/4.0.5
Hi, On 2006-12-22 09:23, Derrell Lipman wrote: > Package: libc6 > Version: 2.3.2.ds1-22 > Severity: normal > > > The readdir() man page states that readdir() returns a pointer to a struct > dirent, and shows the fields of the dirent structure which include > d_name[256]. It appears, however, that readdir() actually returns a pointer > to within the dirp buffer, and if towards the end of the dirp buffer, the > pointer returned by readdir() may not be accessible through the full > sizeof(struct dirent). This disallows structure assignments or memcpy of the > entire structure as they cause segmentation violations. > > The easiest solution to this problem is probably to change the man page to > indicate that, although the structure has a d_name[256] field, it should be > treated, as with POSIX, as only long enough to hold the file name and its > terminating null character. Accesses beyond that null byte may cause (and > have been seen in the wild to actually cause) a segmentation violation. So this is actually a documentation issue, and not a glibc one. Given the manpage is provided by the manpages-dev package, I am reassigning the bug to there. The issue has been fixed in the meantime, in manpages-dev version 4.05. Closing the bug accordingly. Regards Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://aurel32.net
