luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-01-27 06:26:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

glib: fix buffer overflow in g_canonicalize_filename()

Browse Source 
The output pointer must not go past the ending \0.

warning: HEAP[testglib.exe]:
warning: Heap block at 0000011EA35745A0 modified at 0000011EA35745BF past requested size of f

Fixes commit 9a30a495ec "gfileutils: Improve performance of g_canonicalize_filename()"

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
This commit is contained in:
Marc-André Lureau 2022-03-04 20:16:29 +00:00 committed by Philip Withnall
parent 3bef2760e9
commit 56e87ae1b5
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
glib/gfileutils.c
View File

@ -2754,8 +2754,12 @@ g_canonicalize_filename (const gchar *filename,
*output = G_DIR_SEPARATOR;
/* 1 to re-increment after the final decrement above (so that output >= canon),
* and 1 to skip the first `/` */
output += 2;
* and 1 to skip the first `/`. There might not be a first `/` if
* the @canon is a Windows `//server/share` style path with no
* trailing directories. @after_root will be '\0' in that case. */
output++;
if (*output == G_DIR_SEPARATOR)
output++;
/* POSIX allows double slashes at the start to mean something special
* (as does windows too). So, "//" != "/", but more than two slashes