On Fri, Feb 14, 2025 at 03:50:23PM +0300, Askar Safin wrote:
> I verified using expirement that glibc wrapper getcwd actually never returns "(unreachable)".
Hi Askar,
Could you please show the experiment in the commit message?
Have a lovely day!
Alex
> Also I have read glibc sources for all 3 functions documented here.
> All they don't return "(unreachable)".
> Also I changed "pathname" to "pathnames".
>
> Signed-off-by: Askar Safin <safinaskar@xxxxxxxxxxxx>
> ---
> man/man3/getcwd.3 | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/man/man3/getcwd.3 b/man/man3/getcwd.3
> index 685585a60..685a280a1 100644
> --- a/man/man3/getcwd.3
> +++ b/man/man3/getcwd.3
> @@ -245,8 +245,10 @@ process (e.g., because the process set a new filesystem root using
> without changing its current directory into the new root).
> Such behavior can also be caused by an unprivileged user by changing
> the current directory into another mount namespace.
> -When dealing with pathname from untrusted sources, callers of the
> -functions described in this page
> +When dealing with pathnames from untrusted sources, callers of the
> +raw
> +.BR getcwd ()
> +system call
> should consider checking whether the returned pathname starts
> with '/' or '(' to avoid misinterpreting an unreachable path
> as a relative pathname.
> --
> 2.39.5
>
--
<https://www.alejandro-colomar.es/>
Attachment:
signature.asc
Description: PGP signature
