summaryrefslogtreecommitdiff
path: root/sysdeps/posix/opendir.c
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2013-08-16 09:38:52 +0200
committerFlorian Weimer <fweimer@redhat.com>2013-08-16 09:40:34 +0200
commit91ce40854d0b7f865cf5024ef95a8026b76096f3 (patch)
tree268277f390b889cc857152d268242bd603036b9e /sysdeps/posix/opendir.c
parentca0a6bc4c5c53aa6c4a735c36336408a06b8cd89 (diff)
downloadglibc-91ce40854d0b7f865cf5024ef95a8026b76096f3.tar.gz
CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r
* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode member. * sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode member. * sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member. * sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit. Return delayed error code. Remove GETDENTS_64BIT_ALIGNED conditional. * sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define GETDENTS_64BIT_ALIGNED. * sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise. * manual/filesys.texi (Reading/Closing Directory): Document ENAMETOOLONG return value of readdir_r. Recommend readdir more strongly. * manual/conf.texi (Limits for Files): Add portability note to NAME_MAX, PATH_MAX. (Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.
Diffstat (limited to 'sysdeps/posix/opendir.c')
-rw-r--r--sysdeps/posix/opendir.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/sysdeps/posix/opendir.c b/sysdeps/posix/opendir.c
index ddfc3a7510..fc05b0f9d7 100644
--- a/sysdeps/posix/opendir.c
+++ b/sysdeps/posix/opendir.c
@@ -231,6 +231,7 @@ __alloc_dir (int fd, bool close_fd, int flags, const struct stat64 *statp)
dirp->size = 0;
dirp->offset = 0;
dirp->filepos = 0;
+ dirp->errcode = 0;
return dirp;
}
View Lorry Controller Status