wrong strlcat limit value in realpath.c

Todd C. Miller Todd.Miller at courtesan.com
Wed Oct 14 07:57:35 AEDT 2015


On Tue, 13 Oct 2015 12:36:45 -0700, William Ahern wrote:

> In realpath.c at line 182
> 
> 	left_len = strlcat(symlink, left, sizeof(left));
> 
> should be
> 
> 	left_len = strlcat(symlink, left, sizeof(symlink));
> 
> It's a benign issue because both arrays are the same size. And I can't
> imagine that ever changing. But it's inconsistent, not to mention throwing
> compiler warnings on OS X.

Correct.  This was fixed some time ago i version shipped with OpenSSH
was not updated.  The truncation check immediately following the
strlcat also should use sizeof(symlink) rather than sizeof(left).

 - todd
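
The point made in this thread, as an added example (not code from realpath.c or from either poster): the limit passed to strlcat, and the truncation check after it, must both use the destination buffer's size. `demo_strlcat`, `append_left` and `demo` are hypothetical names, and the buffers are constructed with different sizes to show the case where the wrong limit would no longer be benign.

```c
#include <stdio.h>
#include <string.h>

/* Local stand-in with BSD strlcat semantics (assumption: not every libc
 * ships strlcat). Never writes past dst[dsize-1]; returns the length it
 * tried to create, so a result >= dsize means the output was truncated. */
static size_t demo_strlcat(char *dst, const char *src, size_t dsize)
{
    size_t dlen = 0, slen = strlen(src);
    while (dlen < dsize && dst[dlen] != '\0')
        dlen++;
    if (dlen == dsize)               /* dst not terminated within dsize */
        return dsize + slen;
    size_t room = dsize - dlen - 1;
    size_t n = slen < room ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;
}

/* Hypothetical helper modelled on the step discussed in the thread:
 * append the unresolved remainder (left) to the symlink target.
 * Returns 0 on success, -1 if the result did not fit. */
int append_left(char *symlink, size_t symlink_size, const char *left,
                size_t *left_len)
{
    /* Limit AND truncation check both use the destination's size. */
    *left_len = demo_strlcat(symlink, left, symlink_size);
    return *left_len >= symlink_size ? -1 : 0;
}

/* Constructed case: destination smaller than the source buffer. With
 * sizeof(left) (32) as the limit, strlcat would be allowed to write
 * past the 16-byte destination. */
int demo(void)
{
    char left[32] = "very/long/remaining/path/part";  /* 29 chars */
    char symlink[16] = "/target";                      /* 7 chars */
    size_t len;
    int rc = append_left(symlink, sizeof(symlink), left, &len);
    printf("rc=%d len=%zu symlink=\"%s\"\n", rc, len, symlink);
    return rc;
}

int main(void) { demo(); return 0; }
```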


More information about the openssh-unix-dev mailing list