You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apr.apache.org by Mladen Turk <mt...@apache.org> on 2009/09/10 21:02:52 UTC
[WIN32] utf8_to_unicode_path conversion errors
Hi,
I suppose Bill will give some more insight into this
cause it's only win related.
I came into edge case where utf8_to_unicode_path fails
for apr_stat on NT pipes.
NT pipes have maximum name length of 256 chars, and
utf8_to_unicode_path starts mangling paths longer
then 248 chars.
code from file_io/win32/open.c :
if (srcremains > 248) {
...
else if ((srcstr[0] == '/' || srcstr[0] == '\\')
&& (srcstr[1] == '/' || srcstr[1] == '\\')
&& (srcstr[2] != '?')) {
...
wcscpy (retstr, L"\\\\?\\UNC\\");
Now this will for pipe names that always start
with '\\.\pipe\' or '\\server\pipe\' and are longer
then 248 chars produce something like
\\?\UNC\.\pipe\... leading to ERROR_PATH_NOT_FOUND.
Further more GetFileAttributesW in apr_stat blocks for 30+
seconds leading to potential DoS attack.
The solution is to add "&& (srcstr[2] != '.')" to the
upper check, but dunno if that would break something else
Comments?
Regards
--
^TM