Potential problem in derelativise_path

Corinna Vinschen vinschen at redhat.com
Fri Mar 26 20:47:53 EST 2010


Hi,

I just saw the latest patches to the portable OpenSSH repository
and stumbled over this one:

  [servconf.c]
     from portable: getcwd(NULL, 0) doesn't work on all platforms, so
     use a stack buffer;

The stack buffer has a size of MAXPATHLEN.  However, on many systems the
absolute path can exceed MAXPATHLEN, for instance on Linux or Cygwin.
In that case, the derelativise_path function will fail with a fatal
error.  So on these systems it would be better if the function would
stick to getcwd(NULL, 0).


Corinna

-- 
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat


More information about the openssh-unix-dev mailing list