From: Beman Dawes (bdawes_at_[hidden])
Date: 2005-12-19 22:10:23
"Takeshi Mouri" <takeshi.mouri.net_at_[hidden]> wrote in message
> On boost 1.33.0 or later,
> class directory_iterator is implemented by readdir_r()
> for some POSIX platform.
> readdir_r() require a memory buffer which is larger than
> offsetof(dirent,d_name) + pathconf(dirname,_PC_NAME_MAX) + 1.
> But in operations.cpp, the size is sizeof(dirent).
> On some platform such as Linux, FreeBSD and Cygwin,
> a size of d_name member is 256.
> This is a enough size in many cases.
> OTOH, the size on Solaris and BeOS is 1.
> Therefore directory_iterator always cause buffer overflow.
Ouch! I was misreading the POSIX spec.
> See also:
> In the article above,
> calling readdir_r() after pathconf() has race condition,
> so it is necessary to secure the size that seems to be perhaps enough.
> Possibly, this problem might cause
The same thought occurred to me.
I'll try to get a fix in tomorrow.
Thanks for the report,
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk