[18575] in bugtraq
Re: major security bug in reiserfs (may affect SuSE Linux)
daemon@ATHENA.MIT.EDU (Felix von Leitner)
Fri Jan 12 13:10:25 2001
Mail-Followup-To: Felix von Leitner <leitner@vim.org>, BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20010111113958.C10114@vim.org>
Date: Thu, 11 Jan 2001 11:39:58 +0100
Reply-To: Felix von Leitner <leitner@VIM.ORG>
From: Felix von Leitner <leitner@VIM.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <0101102007480.2140-100000@localhost>; from
Christian.Zuckschwerdt@TRIQ.NET on Wed, Jan 10,
2001 at 08:52:16PM +0100
Thus spake Christian Zuckschwerdt (Christian.Zuckschwerdt@TRIQ.NET):
> there are indeed funny things with long filenames:
This may not be a kernel bug after all.
The Linux getdents syscall (which is used to implement readdir) is
called with a buffer and the size of the buffer, so the libc chooses how
large that buffer should be. My diet libc chooses 1024, which should be
large enough, but of course isn't, when a file system does not enforce
the maximum file name length.
In that case, getdents returns EINVAL. Can someone please run strace on
ls and see if this is what happens?
Felix
