Thomas Klausner | 12 Jul 2012 12:13

openpty: limits for name

A Linux man page I found for openpty says:

BUGS
       Nobody knows how much space should be reserved for name. So,
       calling openpty() or forkpty() with non-NULL name may not be secure.

Our man page is silent on that.

The code in libutil/pty.c just does:
 if (name)
    (void)strcpy(name, linep);

I wonder if we (can and) want to promise a limit in the man page, or
just add a comment like the one in the Linux man page.
 Thomas

Joerg Sonnenberger | 12 Jul 2012 13:26

Re: openpty: limits for name

On Thu, Jul 12, 2012 at 12:13:18PM +0200, Thomas Klausner wrote:
> I wonder if we (can and) want to promise a limit in the man page, or
> just add a comment like the one in the Linux man page.

Well, it's a path name, so the natural limit is PATH_MAX.

Joerg

David Holland | 23 Jul 2012 01:06

Re: openpty: limits for name

On Thu, Jul 12, 2012 at 12:13:18PM +0200, Thomas Klausner wrote:
 > A Linux man page I found for openpty says:
 > 
 > BUGS
 >        Nobody knows how much space should be reserved for name. So,
 >        calling openpty() or forkpty() with non-NULL name may not be secure.
 > 
 > Our man page is silent on that.
 > 
 > The code in libutil/pty.c just does:
 >  if (name)
 >     (void)strcpy(name, linep);
 > 
 > I wonder if we (can and) want to promise a limit in the man page, or
 > just add a comment like the one in the Linux man page.

Well, "nobody knows how much space to use" is a long form of "do not
use this interface", so unless we want to join the Linux world in
deprecating these calls in favor of open-coding the logic and calling
grantpt(), it should be defined and documented.

It is probably also worth getting the change into all the BSDs.

-- 
David A. Holland
dholland <at> netbsd.org
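
An added example, not part of the thread and not code from NetBSD's libutil: one caller-side way to avoid the unbounded strcpy() discussed above is to pass NULL for name and fetch the slave path afterwards with ttyname_r(), which is told the buffer length. The wrapper name openpty_named and the 64-byte buffer in main() are assumptions made for illustration; <pty.h> is where glibc declares openpty().

```c
/* Added example. glibc declares openpty() in <pty.h>;
 * NetBSD declares it in <util.h> and links it from -lutil. */
#include <errno.h>
#include <pty.h>
#include <stdio.h>
#include <unistd.h>

/*
 * openpty_named() is a hypothetical wrapper, not a libutil function.
 * It never hands a caller buffer to openpty(): the name argument is NULL,
 * and the slave's path is fetched afterwards with ttyname_r(), which knows
 * the buffer size and fails with ERANGE instead of writing past the end.
 * Returns 0 on success, -1 with errno set on failure; on failure the
 * output parameters are left untouched and both descriptors are closed.
 */
int openpty_named(int *amaster, int *aslave, char *name, size_t namelen)
{
    int m, s, err;

    if (openpty(&m, &s, NULL, NULL, NULL) == -1)
        return -1;

    if (name != NULL) {
        err = ttyname_r(s, name, namelen);
        if (err != 0) {          /* buffer too small (ERANGE) or lookup failed */
            close(m);
            close(s);
            errno = err;
            return -1;
        }
    }
    *amaster = m;
    *aslave = s;
    return 0;
}

int main(void)
{
    char name[64];   /* caller-chosen size (assumption for this example) */
    int m, s;

    if (openpty_named(&m, &s, name, sizeof name) == -1) {
        perror("openpty_named");
        return 1;
    }
    printf("slave: %s\n", name);
    close(m);
    close(s);
    return 0;
}
```
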

