On Wed, 2011-12-28 at 22:01 +0100, Samuel Thibault wrote: > Svante Signell, le Wed 28 Dec 2011 11:26:37 +0100, a écrit : > > On Wed, 2011-12-28 at 10:33 +0100, Samuel Thibault wrote: > > > Svante Signell, le Wed 28 Dec 2011 10:17:24 +0100, a écrit : > > > > Ok, this comparison was maybe not the best. The main problem remains, > > for Hurd, how can a too short path string overwrite the environment > > vector of strings? > > Because the environment is just after main's arguments.
The conclusion still holds: realpath is potentially dangerous, it should either be used with a resolved_path length of PATH_MAX=4096, if defined or NULL, if not defined. An argument of NULL is equivalent to using canonicalize_file_name (if _GNU_SOURCE is defined)
