2008-02-05 12:13:05

by Jim Meyering

Subject: [PATCH] Handle unusual results from find_tempdir.

An alternative: make find_tempdir set tempdir to default_tempdir
upon malloc failure.

* arch/um/os-Linux/mem.c (make_tempfile): Handle NULL tempdir.
Don't let a long tempdir (e.g., via TMPDIR) provoke heap corruption.

Signed-off-by: Jim Meyering <[email protected]>
---
arch/um/os-Linux/mem.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/arch/um/os-Linux/mem.c b/arch/um/os-Linux/mem.c
index e114d09..1458385 100644
--- a/arch/um/os-Linux/mem.c
+++ b/arch/um/os-Linux/mem.c
@@ -176,6 +176,9 @@ int __init make_tempfile(const char *template, char **out_tempname,
return -1;

find_tempdir();
+ if (tempdir == NULL || strlen(tempdir) >= MAXPATHLEN)
+ return -1;
+
if (template[0] != '/')
strcpy(tempname, tempdir);
else
--
1.5.4.19.gd3dfd

2008-02-05 15:35:18

by Theodore Ts'o

Subject: Re: [PATCH] Handle unusual results from find_tempdir.

On Tue, Feb 05, 2008 at 01:13:04PM +0100, Jim Meyering wrote:
> An alternative: make find_tempdir set tempdir to default_tempdir
> upon malloc failure.
>
> * arch/um/os-Linux/mem.c (make_tempfile): Handle NULL tempdir.
> Don't let a long tempdir (e.g., via TMPDIR) provoke heap corruption.

This wasn't meant for the linux-ext4 list, was it? I think maybe you
typo'ed the mailing list this patch was supposed to be sent to?

Regards,

- Ted