[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: buffer write bug in mg



Kjell Wooding wrote:
> > From basename(3):
> >
> >   CAVEATS
> >        basename() returns a pointer to internal static storage
> >        space that will be overwritten by subsequent calls.
>
> That's the openbsd caveat. It's okay here, as we do an immediate
> copy.
>
> The one you probably mean is the one that says "Both dirname and
> basename may modify the contents of path, so copies should be
> passed to these functions." which is specific to the linux POSIX
> basename (which you get when you include libgen)
>
> If you don't include libgen, you should get the glib version,
> which doesn't have this little evil behavior.

Ah right, I'm getting old, my memory is fading.


> > So I'd like to suggest this extra patch:
>
> Bleah. That would mean extra strdups wherever baseame and
> dirname are used. This isn't needed under OpenBSD, and you
> should be able to avoid it by avoiding the aforementioned
> include.

True, and that fixed it indeed.


> Does POSIX *actually* insist that basename and dirname MUST have
> evil side effects?

POSIX does not insist, but -- alas -- it also doesn't forbid this
evil behaviour.

    The basename() function may modify the string pointed to by
    path, and may return a pointer to static storage that may then
    be overwritten by a subsequent call to basename().


Is this worth mentioning in the manpage?



# Han