<html> <head> <base href="https://bugs.documentfoundation.org/"> </head> <body><table border="1" cellspacing="0" cellpadding="8"> <tr> <th>Bug ID</th> <td><a class="bz_bug_link bz_status_UNCONFIRMED " title="UNCONFIRMED - overflow at realpath()" href="https://bugs.documentfoundation.org/show_bug.cgi?id=118514">118514</a> </td> </tr> <tr> <th>Summary</th> <td>overflow at realpath() </td> </tr> <tr> <th>Product</th> <td>LibreOffice </td> </tr> <tr> <th>Version</th> <td>unspecified </td> </tr> <tr> <th>Hardware</th> <td>All </td> </tr> <tr> <th>OS</th> <td>All </td> </tr> <tr> <th>Status</th> <td>UNCONFIRMED </td> </tr> <tr> <th>Severity</th> <td>normal </td> </tr> <tr> <th>Priority</th> <td>medium </td> </tr> <tr> <th>Component</th> <td>LibreOffice </td> </tr> <tr> <th>Assignee</th> <td>libreoffice-bugs@lists.freedesktop.org </td> </tr> <tr> <th>Reporter</th> <td>mishra.dhiraj95@gmail.com </td> </tr></table> <p> <div> <pre>File: <a href="https://github.com/LibreOffice/core/blob/master/desktop/unx/source/start.c#L191">https://github.com/LibreOffice/core/blob/master/desktop/unx/source/start.c#L191</a> This function does not protect against buffer overflows, and some implementations can overflow internally. Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. According to the documentation of realpath() the output buffer needs to be at least of size PATH_MAX specifying output buffers large enough to handle the maximum-size possible result from path manipulation functions.</pre> </div> </p> <hr> <span>You are receiving this mail because:</span> <ul> <li>You are the assignee for the bug.</li> </ul> </body> </html>