From: Martin Stromberg Message-Id: <199803151753.SAA03418@propus.lu.erisoft.se> Subject: Re: Where to get the latest sources for djtar To: eliz AT is DOT elta DOT co DOT il (Eli Zaretskii) Date: Sun, 15 Mar 1998 18:53:35 +0100 (MET) Cc: djgpp-workers AT delorie DOT com In-Reply-To: from "Eli Zaretskii" at Mar 15, 98 07:27:05 pm MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk > > r = mkdir (n, 0777); > > if (r) > > + { > > + if(errno == ENOENT) > > + { > > + Fatal("Unable to create directory"); > > + } > > r = change(n, "Unable to create directory", 1); > > + } > > This doesn't seem right. If we want to protect djtar from stack overrun, > lets' just look out for the length of the name to be more than PATH_MAX > and abort with a specific message. > > If you are solving here a problem other than the stack overrun, then what > is the problem, exactly? > > Testing for ENOENT is likely to backfire, as DOS makes libc functions > generate ENOENT in too many cases. Well, if djtar fails to create a directory because of too deep directory nesting, it shouldn't give up, should it? Perhaps there are more files to be extracted later in the archive higher up in the directory structure. Note that the user don't know why it couldn't create the directory, so he first tries to give one name and then when that fails another longer one consisting of the first name and a "2" (in my case it was "elf" and then "elf2"), which makes djtar overwrite the stack (in my case it was "elf2222222222222222222222222222222222...222"). Later I found out that if the disk is full, the same behaviour is shown. Perhaps the patch should be: r = mkdir (n, 0777); if (r) + { + if(errno == ENOENT + && (is_disk_full() || too_deep_dirs()) + { + Fatal("Unable to create directory"); + } r = change(n, "Unable to create directory", 1); + } ?, MartinS