From 0aca521ab84e3f020085891bdab652680368ce4f Mon Sep 17 00:00:00 2001 From: Egor Duda Date: Sun, 16 Sep 2001 14:26:11 +0000 Subject: [PATCH] * path.cc (symlink): Check arguments for validity. (getcwd): Ditto. * syscalls.cc (ftruncate): Ditto. * times.cc (times): Ditto. * uname.cc (uname): Ditto. --- winsup/cygwin/ChangeLog | 8 ++++++++ winsup/cygwin/path.cc | 31 +++++++++++++++++++------------ winsup/cygwin/syscalls.cc | 6 +++++- winsup/cygwin/times.cc | 3 +++ winsup/cygwin/uname.cc | 4 ++++ 5 files changed, 39 insertions(+), 13 deletions(-) diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index ff8cc18bd..9f611e76e 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,11 @@ +2001-09-16 Egor Duda + + * path.cc (symlink): Check arguments for validity. + (getcwd): Ditto. + * syscalls.cc (ftruncate): Ditto. + * times.cc (times): Ditto. + * uname.cc (uname): Ditto. + Sat Sep 15 22:54:49 2001 Christopher Faylor * net.cc (dup_servent_ptr): Detect old Windows 95 misaligned structure diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index 92611d7b1..1c7c554af 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -2399,6 +2399,19 @@ symlink (const char *topath, const char *frompath) DWORD written; SECURITY_ATTRIBUTES sa = sec_none_nih; + /* POSIX says that empty 'frompath' is invalid input whlie empty + 'topath' is valid -- it's symlink resolver job to verify if + symlink contents point to existing filesystem object */ + if (check_null_empty_str_errno (topath) == EFAULT || + check_null_empty_str_errno (frompath)) + goto done; + + if (strlen (topath) >= MAX_PATH) + { + set_errno (ENAMETOOLONG); + goto done; + } + win32_path.check (frompath, PC_SYM_NOFOLLOW); if (allow_winsymlinks && !win32_path.error) { 
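Review bot: In the guard added at the top of symlink, the `_errno` helper is called on `topath` even though its empty-string result is deliberately ignored. The helper's body is not visible here, but the name suggests it sets errno, so a successful call with an empty `topath` may leave errno modified. If a variant that returns the code without touching errno is available, use it for `topath` and set EFAULT explicitly. The new comment has a typo (`whlie` for `while`) and could state that an empty `topath` no longer yields EINVAL, since the following path.cc hunk removes that check. The `done` label and the rest of the function lie outside this hunk.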
@@ -2415,17 +2428,6 @@ symlink (const char *topath, const char *frompath) syscall_printf ("symlink (%s, %s)", topath, win32_path.get_win32 ()); - if (topath[0] == 0) - { - set_errno (EINVAL); - goto done; - } - if (strlen (topath) >= MAX_PATH) - { - set_errno (ENAMETOOLONG); - goto done; - } - if (win32_path.is_device () || win32_path.file_attributes () != (DWORD) -1) { @@ -2984,7 +2986,12 @@ hashit: char * getcwd (char *buf, size_t ulen) { - return cygheap->cwd.get (buf, 1, 1, ulen); + char* res = NULL; + if (ulen == 0) + set_errno (EINVAL); + else if (!__check_null_invalid_struct_errno (buf, ulen)) + res = cygheap->cwd.get (buf, 1, 1, ulen); + return res; } /* getwd: standards? */ diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index d6ef25c58..1453f4fed 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -1768,7 +1768,11 @@ ftruncate (int fd, off_t length) sigframe thisframe (mainthread); int res = -1; - if (cygheap->fdtab.not_open (fd)) + if (length < 0) + { + set_errno (EINVAL); + } + else if (cygheap->fdtab.not_open (fd)) { set_errno (EBADF); } diff --git a/winsup/cygwin/times.cc b/winsup/cygwin/times.cc index ee5fe5f50..e5635ddff 100644 --- a/winsup/cygwin/times.cc +++ b/winsup/cygwin/times.cc @@ -52,6 +52,9 @@ times (struct tms * buf) { FILETIME creation_time, exit_time, kernel_time, user_time; + if (check_null_invalid_struct_errno (buf)) + return ((clock_t) -1); + DWORD ticks = GetTickCount (); /* Ticks is in milliseconds, convert to our ticks. Use long long to prevent overflow. */ diff --git a/winsup/cygwin/uname.cc b/winsup/cygwin/uname.cc index 054033a8a..b73dc970f 100644 --- a/winsup/cygwin/uname.cc +++ b/winsup/cygwin/uname.cc @@ -21,6 +21,10 @@ uname (struct utsname *name) { DWORD len; SYSTEM_INFO sysinfo; + + if (check_null_invalid_struct_errno (name)) + return -1; + char *snp = strstr (cygwin_version.dll_build_date, "SNP"); memset (name, 0, sizeof (*name));
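Review bot: `getcwd (NULL, 0)` and `getcwd (NULL, n)` now fail in the new getcwd body, because `ulen == 0` is rejected before `buf` is looked at and a null `buf` is presumably refused by `__check_null_invalid_struct_errno`. Callers commonly pass a null buffer to request an allocated result; whether `cwd.get` supports that is not visible in this hunk, so confirm it before merging. If it does, narrow the guards to `if (buf && ulen == 0)` and `else if (!buf || !__check_null_invalid_struct_errno (buf, ulen))`. As a style point, `char* res` departs from the `char *buf` declarator form used in the signature.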
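Review bot: The early return added to times, and the same pattern in the uname hunk, carries no comment saying what the check guarantees. The helper's body is not visible here; if it only probes the pointer at entry, it is a best-effort filter, and the later writes through `buf` or `memset (name, 0, sizeof (*name))` can still fault if another thread changes the mapping. A one-line comment above each guard would help, for example `/* Best-effort argument check; fails early with errno set on an unusable pointer. */`. It is also worth documenting that `times (NULL)` is now an error, since some platforms accept a null `buf`.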