Re: [PATCH] Fix readdir_r with long file names

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 01, 2016 at 11:21:11PM +0100, Florian Weimer wrote:
> On 03/01/2016 10:01 PM, Michael Kerrisk (man-pages) wrote:
> > On 03/01/2016 09:27 PM, Florian Weimer wrote:
> >> On 03/01/2016 09:14 PM, Michael Kerrisk (man-pages) wrote:
> >>
> >>> What happens with readdir() when it gets a filename that is larger 
> >>> than 255 characters?
> >>
> >> Good question.  Ugh.
> >>
> >> readdir will return a pointer to a struct dirent whose d_name member
> >> will not be null-terminated, but the memory following the struct dirent
> >> object will contain the rest of the name, and will eventually be
> >> null-terminated.
> > 
> > So, in other words, if the caller users a declaration of the form
> > 
> >     struct dirent d;
> > 
> > (rather than say allocating a large buffer dynamically), then we have 
> > a buffer overrun?
> 
> readdir gives you only a struct dirent * to an internal buffer.  If you do
> 
>   struct dirent *e = readdir (dir);
>   memcpy (&d, e, sizeof (d));
> 
> you can end up with a truncated name.  According to Paul's comment, this
> kind of truncation is very visible on Solaris.

POSIX also cautions you that this is a permitted definition. See:

http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/dirent.h.html

It's covered under the description and rationale.

Rich
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel Documentation]     [Netdev]     [Linux Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux