Boost logo

Boost :

From: Ben Hutchings (ben_at_[hidden])
Date: 2004-12-13 06:34:10


I wrote:
> + // The required buffer size is the size that struct dirent would
> + // have were its d_name array to be long enough - which it might
> + // not be.
> + const std::size_t buf_len = sizeof( struct dirent )
> + - sizeof( ( (struct dirent *) 0 )->d_name )
> + + ::pathconf( dir, _PC_NAME_MAX ) + 1;

Oops, this isn't safe; there's a potential race condition that could
result in buffer overflow. Replace the pathconf call-expression with
just NAME_MAX and it should be OK.

Ben.

-- 
Ben Hutchings
Klipstein's 4th Law of Prototyping and Production:
                                    A fail-safe circuit will destroy others.

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk