[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241105045628.1542264-1-lihua.zhao.cn@windriver.com>
Date: Tue, 5 Nov 2024 12:56:28 +0800
From: <lihua.zhao.cn@...driver.com>
To: <musl@...ts.openwall.com>
CC: <lihua.zhao.cn@...driver.com>
Subject: [PATCH v2] mman: correct length check in __shm_mapname
From: Lihua Zhao <lihua.zhao.cn@...driver.com>
account for leading slashes when comparing against NAME_MAX.
Signed-off-by: Lihua Zhao <lihua.zhao.cn@...driver.com>
---
According to https://pubs.opengroup.org/onlinepubs/9799919799/:
leading <slash> character in name is implementation-defined, and that the length limits for the name argument are implementation-defined and need not be the same as the pathname limits {PATH_MAX} and {NAME_MAX}.
Although it is implementation-defined, glibc obviously calculates the lead slash.
src/mman/shm_open.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/mman/shm_open.c b/src/mman/shm_open.c
index 79784bd3..07dbeb96 100644
--- a/src/mman/shm_open.c
+++ b/src/mman/shm_open.c
@@ -8,19 +8,19 @@
char *__shm_mapname(const char *name, char *buf)
{
- char *p;
- while (*name == '/') name++;
- if (*(p = __strchrnul(name, '/')) || p==name ||
- (p-name <= 2 && name[0]=='.' && p[-1]=='.')) {
+ const char *s=name, *e;
+ while (*s == '/') s++;
+ if (*(e = __strchrnul(s, '/')) || e==s ||
+ (e-s <= 2 && s[0]=='.' && e[-1]=='.')) {
errno = EINVAL;
return 0;
}
- if (p-name > NAME_MAX) {
+ if (e-name > NAME_MAX) {
errno = ENAMETOOLONG;
return 0;
}
memcpy(buf, "/dev/shm/", 9);
- memcpy(buf+9, name, p-name+1);
+ memcpy(buf+9, s, e-s+1);
return buf;
}
--
2.34.1
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
