Permalink
Browse files

Fix buffer overflow in glob()

Summary:
glob() needs the directory to be less than PATH_MAX

Test Plan:
make
make fast_tests

DiffCamp Revision: 162960
Reviewed By: hzhao
CC: hzhao, hphp-diffs@lists
Revert Plan:
Ok
  • Loading branch information...
1 parent abacd5a commit 70aac1407e72faf5d1b7c91adbdce7faaf85ba87 @scottmac scottmac committed with scottmac Sep 28, 2010
Showing with 6 additions and 0 deletions.
  1. +6 −0 src/runtime/ext/ext_file.cpp
@@ -1100,6 +1100,12 @@ Variant f_glob(CStrRef pattern, int flags /* = 0 */) {
globbuf.gl_offs = 0;
String work_pattern;
+ if (pattern.size() >= PATH_MAX) {
+ raise_warning("Pattern exceeds the maximum allowed length of %d characters",
+ PATH_MAX);
+ return false;
+ }
+
if (pattern.charAt(0) == '/') {
work_pattern = pattern;
} else {

0 comments on commit 70aac14

Please sign in to comment.