From patchwork Mon Mar 21 13:59:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Purdie X-Patchwork-Id: 5599 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E72DAC4167B for ; Mon, 21 Mar 2022 13:59:46 +0000 (UTC) Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) by mx.groups.io with SMTP id smtpd.web09.30957.1647871185909367341 for ; Mon, 21 Mar 2022 06:59:46 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@linuxfoundation.org header.s=google header.b=LBS2Zllg; spf=pass (domain: linuxfoundation.org, ip: 209.85.221.48, mailfrom: richard.purdie@linuxfoundation.org) Received: by mail-wr1-f48.google.com with SMTP id r10so20851896wrp.3 for ; Mon, 21 Mar 2022 06:59:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linuxfoundation.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=2knfTwRwwJ+OQORm7DH+BDlXIYUYzqif3jGceAmy4gI=; b=LBS2ZllgBh3TLwP3MzwQM8YHUta/aeGSRLJFzXltH+i3CU7BxNFz17H/uHV6QahGHx tDghpHAiS7Ig87UVJGRK7U9FGLUQQHKa+6V6zgodxzq6Xl2Ct2eT+8idiYEx5rkp6mqx 8hC4YdyLo/Vf2zy5OOEVYjXksqy4qc5hm5HW0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=2knfTwRwwJ+OQORm7DH+BDlXIYUYzqif3jGceAmy4gI=; b=j19d/Aw1WW4JFEYbnPZB4wfkUXxSUjvbk7CairPPbgi5izcE0nw6ZLTqYhSW4GX9gk F7JApCLDIICSqTwTTFexwlZvH7qr/OrMxnxNGzXb86Le6U3nMbIp+oDakx7vIRBgAsAt KnjScxQ5+GCNvkZXCh71o/0dwr7a3+85bGQp9oOHhnA+7Fr6DWrLNQnMivVSb7Jql1Oa GGBm/zhI7G9XAmnpXe0j52U7Gl0lHynXxwC/WW2YNkrD11CFrT+aMXbvroAuk8WIc0iX 9VDKxvp3eBOF/R2eknltMMqDexIfgM5l1xwNAXGbcol3HZixyF1CDR/9U8DvaYKKNBsL MDow== X-Gm-Message-State: AOAM532woZvH9Jh4FUTw9vBxyWIVzqdSGNHj7zbfDUsfUioltQ5B9B0F JsaWlyIBXbCGhuDaWumVqh9qmvE4eC6gU4L+ X-Google-Smtp-Source: ABdhPJxQoR1N7yWpJH0D8nurb6OdqnN0cyC8oyRvWS58pTYwXKanTaplz/+y20qiksPBmlOBkBjKTw== X-Received: by 2002:a5d:5507:0:b0:203:e0a3:7016 with SMTP id b7-20020a5d5507000000b00203e0a37016mr17723419wrv.575.1647871183780; Mon, 21 Mar 2022 06:59:43 -0700 (PDT) Received: from hex.int.rpsys.net ([2001:8b0:aba:5f3c:7422:13d5:6a39:d39]) by smtp.gmail.com with ESMTPSA id c124-20020a1c3582000000b00384d42a9638sm14045094wma.2.2022.03.21.06.59.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 21 Mar 2022 06:59:43 -0700 (PDT) From: Richard Purdie To: openembedded-core@lists.openembedded.org Cc: seebs@seebs.net Subject: [PATCH] pseudo_util: Improve handling of crazy length paths Date: Mon, 21 Mar 2022 13:59:42 +0000 Message-Id: <20220321135942.1176431-1-richard.purdie@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 21 Mar 2022 13:59:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/163508 Crazy shell code (e.g. libtool) can pass in a command pipeline as a path which exceeds the max path length the system can support (6000+ chars). This will fail in libc or the syscall but if we don't do something here, we'd segfault before it can do that. Leave path unchanged and let libc deal with it. This was observed with segfaults in libfm:do_install after the libtool upgrade. It does depend on the length of the local build path too. Signed-off-by: Richard Purdie --- pseudo_util.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pseudo_util.c b/pseudo_util.c index b9de81e..0a89535 100644 --- a/pseudo_util.c +++ b/pseudo_util.c @@ -827,12 +827,21 @@ pseudo_fix_path(const char *base, const char *path, size_t rootlen, size_t basel return 0; } newpathlen = pseudo_path_max(); + pathlen = strlen(path); + /* Crazy shell code (e.g. libtool) can pass in a command pipeline as a path which exceeds the max path + * length the system can support (6000+ chars). This will fail in libc or the syscall but if we don't + * do something here, we'd segfault before it can do that. Leave path unchanged and let libc deal + * with it. + */ + if ((pathlen + baselen) >= newpathlen) { + return path; + } if (!pathbufs[pathbuf]) { pathbufs[pathbuf] = malloc(newpathlen); } newpath = pathbufs[pathbuf]; pathbuf = (pathbuf + 1) % PATHBUFS; - pathlen = strlen(path); + /* a trailing slash has special meaning, but processing * trailing slashes is expensive. */