mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-08-06 18:00:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix buffer overflow in TryPath

Browse source 
Missed this when changing the code back to be like the old version.
com is now a parameter.

The only plausible way to trigger this would be to pass a loader
pathname close to MAX_PATH characters long, and then remove that
path prior to the first sys_faccessat.
This commit is contained in:
Jōshin 2023-12-18 22:46:07 -05:00
parent 85e4c020a3
commit 5aca48b16e
No known key found for this signature in database
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
libc/calls/getprogramexecutablename.greg.c
View file

@ -98,6 +98,7 @@ static int TryPath(const char *q, int com) {
}
*p = 0;
if (!sys_faccessat(AT_FDCWD, g_prog.u.buf, F_OK, 0)) return 1;
if (!com) return 0;
p = WRITE32LE(p, READ32LE(".com"));
*p = 0;
if (!sys_faccessat(AT_FDCWD, g_prog.u.buf, F_OK, 0)) return 1;