[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: integer overflow in /bin/ls
From: |
Jim Meyering |
Subject: |
Re: integer overflow in /bin/ls |
Date: |
Tue, 14 Oct 2003 16:54:08 +0200 |
Paul Eggert <address@hidden> wrote:
> Jim Meyering <address@hidden> writes:
>> As you probably noticed, init_column_info allocates O(N^2)
>> space when ls is invoked with `--width=N' and -x or -C.
...
> I don't offhand see how to change the algorithm without giving up its
> optimality. However, we can easily limit N to the number of files in
> the current directory, and I think that's good enough to foil the
> denial of service attack in practical cases.
>
> Here's a proposed patch to do that. With this patch, we don't have to
> worry about the -w option; even 'ls -w 9223372036854775807' (on a
> 64-bit host) will do the right thing without exhausting memory (unless
> you're in a directory that contains billions of file names....).
>
> 2003-10-13 Paul Eggert <address@hidden>
>
> Fix to avoid a denial-of-service attack if the display width is
> enormous. Also, clean up the code a bit by removing duplicate
> code.
Great! Thanks again.
I've applied your patch.