[openssh-commits] [openssh] 02/02: upstream: avoid truncation of pathnames headed to lstat() for

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 70d7044a966a541d9df6002fbeb62d005555cc78
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Fri Jun 5 08:48:43 2026 +0000

    upstream: avoid truncation of pathnames headed to lstat() for
    
    systems where PATH_MAX is not the actual max; reported by sahvx655-wq via
    GHPR688
    
    OpenBSD-Commit-ID: fcbeeff99d857f2f3916ad06570fa05fc38b0f07
---
 sftp-server.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/sftp-server.c b/sftp-server.c
index ed57339d5..156d5ece5 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.154 2026/05/31 04:59:51 djm Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.155 2026/06/05 08:48:43 djm Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -1136,7 +1136,7 @@ process_readdir(uint32_t id)
 		send_status(id, SSH2_FX_FAILURE);
 	} else {
 		struct stat st;
-		char pathname[PATH_MAX];
+		char *pathname;
 		Stat *stats;
 		int nstats = 10, count = 0, i;
 
@@ -1146,10 +1146,11 @@ process_readdir(uint32_t id)
 				nstats *= 2;
 				stats = xreallocarray(stats, nstats, sizeof(Stat));
 			}
-/* XXX OVERFLOW ? */
-			snprintf(pathname, sizeof pathname, "%s%s%s", path,
+			xasprintf(&pathname, "%s%s%s", path,
 			    strcmp(path, "/") ? "/" : "", dp->d_name);
-			if (lstat(pathname, &st) == -1)
+			r = lstat(pathname, &st);
+			free(pathname);
+			if (r == -1)
 				continue;
 			stat_to_attrib(&st, &(stats[count].attrib));
 			stats[count].name = xstrdup(dp->d_name);

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.