[Mono-bugs] [Bug 82678][Maj] Changed - Mono_Posix_Syscall_readdir_r causes stack corruption in readdir_r, resulting in crash
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Tue Sep 4 09:14:56 EDT 2007
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by lupus at ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=82678
--- shadow/82678 2007-09-04 07:56:17.000000000 -0400
+++ shadow/82678.tmp.16732 2007-09-04 09:14:56.000000000 -0400
@@ -206,6 +206,13 @@
So if this is the best we can do, which is better: a stack overflow or
a heap overflow? The possibility for overflow _still_ exists, so
we'll have to pick our poison... :-(
+
+------- Additional Comments From lupus at ximian.com 2007-09-04 09:14 -------
+I think you should malloc() the proper length sizeof(dirent) +
+MAX(PATH_MAX, NAME_MAX) + 1, which is what the documentation for the
+function actually says is needed. Retarded systems like hurd that
+don't follow the interface are not our problem. For the alignment
+issue you should use a union, like the documentation suggests.
More information about the mono-bugs
mailing list