From: Michael Jeanson Date: Fri, 4 Dec 2015 22:03:12 +0000 (-0500) Subject: Fix: Check return value of fpathconf X-Git-Url: http://git.efficios.com/?a=commitdiff_plain;h=6038c87e1e44763c177d66317b0330f5a6171dc7;hp=f2c00dfac5b17952bc2c16368157f0cbf2b50bbc;p=babeltrace.git Fix: Check return value of fpathconf Current glibc has a bug in fpathconf(fd, _PC_NAME_MAX) where it will fail with a 32bit userland on a 64bit kernel and where the filesystem has a large block count, see glibc bug #18675. In any case, we should check this return value because on a failure we we don't allocate enough memory for dirent and then overflow on the readdir_r call. Signed-off-by: Michael Jeanson Signed-off-by: Jérémie Galarneau --- diff --git a/formats/ctf/ctf.c b/formats/ctf/ctf.c index a617497e..e626c6cf 100644 --- a/formats/ctf/ctf.c +++ b/formats/ctf/ctf.c @@ -2113,6 +2113,7 @@ int ctf_open_trace_read(struct ctf_trace *td, struct dirent *dirent; struct dirent *diriter; size_t dirent_len; + int pc_name_max; char *ext; td->flags = flags; @@ -2162,8 +2163,15 @@ int ctf_open_trace_read(struct ctf_trace *td, * the stream array. */ - dirent_len = offsetof(struct dirent, d_name) + - fpathconf(td->dirfd, _PC_NAME_MAX) + 1; + pc_name_max = fpathconf(td->dirfd, _PC_NAME_MAX); + if (pc_name_max < 0) { + perror("Error on fpathconf"); + fprintf(stderr, "[error] Failed to get _PC_NAME_MAX for path \"%s\".\n", path); + ret = -1; + goto error_metadata; + } + + dirent_len = offsetof(struct dirent, d_name) + pc_name_max + 1; dirent = malloc(dirent_len);