Am 07.06.2018 um 13:31 schrieb Samuel Thibault: > Michael Biebl, le jeu. 07 juin 2018 13:26:26 +0200, a ecrit: >> On Mon, 4 Jun 2018 00:50:26 +0200 Samuel Thibault <sthiba...@debian.org> >> wrote: >>> Package: rsyslog >>> Version: 8.34.0-1 >>> Severity: important >>> Tags: patch >>> >>> Hello, >>> >>> rsyslog currently FTBFS on hurd-i386 due to unconditional uses of >>> PATH_MAX. Here is a patch fixing it. >> >> If we are going to use PATH_MAX anyway as well for hurd, why not define >> it globally so avoid patching countless packages? > > Because uncontrolled use of PATH_MAX leads to buffer overflows and whatnot. > (actually, very often, code using PATH_MAX do have buffer overflows, > while code using dynamic allocation don't). > > We do not want to introduce such kind of limitation into realpath(), but > #defining PATH_MAX would mean we *have* to limit realpath(), otherwise > applications doing > > char t[PATH_MAX]; > realpath(some_ppath, t) > > would overflow the buffer. Yes, realpath has a crappy interface > concerning PATH_MAX, blame POSIX for that.
But what your patch does is defining PATH_MAX to 4096. Color me confused. Anyway, such patches should best be sent upstream. Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
