Fix buffer overflow in glob()

Summary: glob() needs the directory to be less than PATH_MAX Test Plan: make make fast_tests DiffCamp Revision: 162960 Reviewed By: hzhao CC: hzhao, hphp-diffs@lists Revert Plan: Ok
shprasad · Dec 7, 2011 · 70aac14 · 70aac14
1 parent abacd5a
commit 70aac14
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/src/runtime/ext/ext_file.cpp b/src/runtime/ext/ext_file.cpp
@@ -1100,6 +1100,12 @@ Variant f_glob(CStrRef pattern, int flags /* = 0 */) {
   globbuf.gl_offs = 0;
   String work_pattern;
 
+  if (pattern.size() >= PATH_MAX) {
+    raise_warning("Pattern exceeds the maximum allowed length of %d characters",
+                  PATH_MAX);
+    return false;
+  }
+
   if (pattern.charAt(0) == '/') {
     work_pattern = pattern;
   } else {