Google Git
Sign in
gnu/make/bba4427b5dfba7f9cdab8fa2cac1399fceda3058^!/.
commit
bba4427b5dfba7f9cdab8fa2cac1399fceda3058
[log]
author
Paul Eggert <eggert@cs.ucla.edu>
Mon Aug 05 01:30:44 2024 -0700
committer
Paul Smith <psmith@gnu.org>
Mon Sep 02 14:43:24 2024 -0400
tree
43623fe5090e30a8aa205bb428ac46562abf2ce1
parent
c23a7e623209dae6fb36366c2e717690c9bfa042 [diff]
Fix unlikely pointer overflow in abspath

* src/function.c (abspath): len is now ptrdiff_t,
to avoid GCC warning about comparing signed to unsigned.
It really is a pointer difference, after all.
Rejigger comparision to avoid undefined behavior
if dest + len is an invalid pointer.

diff --git a/src/function.c b/src/function.c
index 133e33a..b4c3805 100644
--- a/src/function.c
+++ b/src/function.c

@@ -2119,7 +2119,7 @@
 
   for (start = end = name; *start != '\0'; start = end)
     {
-      size_t len;
+      ptrdiff_t len;
 
       /* Skip sequence of multiple path-separators.  */
       while (ISDIRSEP (*start))
@@ -2147,7 +2147,7 @@
           if (! ISDIRSEP (dest[-1]))
             *dest++ = '/';
 
-          if (dest + len >= apath_limit)
+          if (apath_limit - dest <= len)
             return NULL;
 
           dest = mempcpy (dest, start, len);