readdir_r stack overrun

Browsing the w3c-libwww source code, it looks like if READDIR_R_3 is
defined (because --enable-reentrant is used) the stack will get
corrupted.  Both HTFile_readDir() and HTMulti.c's dir_matches() allocate
"struct dirent result;".  The buffer needs to be bigger.  The IRIX man
page says:

     ... The storage pointed to by entry shall be large enough 
     for a dirent with an array of char d_name member containing 
     at least {NAME_MAX} plus one elements.

If you pass something sizeof(struct dirent) then readdir_r will write
off the end of it when processing any non-trivial filename.

	David

-- 
David KAELBLING <drk@sgi.com>	    Silicon Graphics Computer Systems
1 Cabot Rd, suite 250; Hudson, MA 01749	    781.839.2157, fax ...2357

Received on Tuesday, 10 December 2002 12:02:27 UTC
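
The sizing rule quoted from the man page above, as an added example that is not part of the original message or of the w3c-libwww source. The helper names `dirent_buf_size` and `longest_name_len` are hypothetical, and the 255-byte fallback used when the filesystem reports no limit is an assumption.

```c
#pragma GCC diagnostic ignored "-Wdeprecated-declarations" /* newer libcs deprecate readdir_r */
#include <dirent.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: bytes readdir_r may write for one entry of dp,
 * i.e. the fixed part of struct dirent plus {NAME_MAX} + 1 bytes of d_name. */
size_t dirent_buf_size(DIR *dp)
{
    long name_max = fpathconf(dirfd(dp), _PC_NAME_MAX);
    if (name_max < 0)
        name_max = 255;                 /* assumption: fallback when no limit is reported */
    size_t need = offsetof(struct dirent, d_name) + (size_t)name_max + 1;
    return need < sizeof(struct dirent) ? sizeof(struct dirent) : need;
}

/* Walks path with readdir_r using a heap buffer of the size above instead of
 * a stack "struct dirent result;". Returns the longest name length, -1 on error. */
long longest_name_len(const char *path)
{
    DIR *dp = opendir(path);
    if (dp == NULL)
        return -1;
    struct dirent *entry = malloc(dirent_buf_size(dp));
    struct dirent *result = NULL;
    long longest = 0;
    if (entry == NULL) {
        closedir(dp);
        return -1;
    }
    while (readdir_r(dp, entry, &result) == 0 && result != NULL) {
        long len = (long)strlen(result->d_name);
        if (len > longest)
            longest = len;
    }
    free(entry);
    closedir(dp);
    return longest;
}

int main(void)
{
    printf("sizeof(struct dirent) = %zu\n", sizeof(struct dirent));
    printf("longest name in \".\"   = %ld\n", longest_name_len("."));
    return 0;
}
```
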