From: Eric Pouech Subject: [PATCH 0/4] a couple of fixes to programs/cmd Message-Id: <164139305597.97654.10505773825898841193.stgit@euterpe> Date: Wed, 5 Jan 2022 15:55:19 +0100 I thought fixing bug #51599 would be quick and simple... Fixing was quick, but I shouldn't have tried to run the non regression tests... which opened a can of worms patch #2 fixes some error cases on input handling the can of worms: it happens that I have a single symlinks in my (not pristine) prefix (well a very very simple one: Z: -> /) cmd.exe (and attrib.exe) **NEVER** test for buffer overflow when recursing inside the directory tree structure (I haven't checked the other utilities yet) I tested native behavior: depth-recursion stops around MAX_PATH length... while breadth-recursion continues; and there's no detection about DAG or entering twice the same directory so patches #3 and #4 are about not recursing when buffer would overflow in attrib.exe and cmd.exe Notes: - not all the places (in cmd) have been fixed by those patches for buffer overflow - there are some places that take care of allocating larger buffers than MAX_PATH, hence preventing the recursion to stop as native does - with those patches, I still can't successfully run the cmd regression test with the symlink in place (maybe I need to be more patient than one hour :-( - regression tests pass on a pristine prefix though A+ --- Eric Pouech (4): programs/cmd: handle white space only lines within ( ) block programs/cmd: handle read errors in WCMD_ask_confirm programs/attrib: don't overflow internal path buffers programs/cmd: don't overflow internal path buffers programs/attrib/attrib.c | 10 ++++++---- programs/cmd/builtins.c | 25 ++++++++++++++++++------- programs/cmd/directory.c | 1 + programs/cmd/wcmdmain.c | 8 ++++++-- 4 files changed, 31 insertions(+), 13 deletions(-)