Boost logo

Boost :

From: Jorge Lodos (lodos_at_[hidden])
Date: 2007-03-15 18:42:15

The function BOOST_FILESYSTEM_DECL path system_complete( const path & ph )
in operations_posix_windows.cpp contains the following code:
      char buf[MAX_PATH];
      char * pfn;
      std::size_t len = ::GetFullPathNameA( ph.string().c_str(),
                                            sizeof(buf) , buf, &pfn );
      if ( !len )
        { boost::throw_exception(
            filesystem_error( "boost::filesystem::system_complete",
              ph, "size is 0" ) ); }
      buf[len] = '\0';

If the full path name is larger than MAX_PATH, the last line will cause a
buffer overflow.
This bug is not present in 1.34.

Best regards
Jorge Lodos

Boost list run by bdawes at, gregod at, cpdaniel at, john at