Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rust assumes PATH_MAX is not a lie in a few places #27454

Closed
mstewartgallus opened this issue Aug 1, 2015 · 0 comments
Closed

Rust assumes PATH_MAX is not a lie in a few places #27454

mstewartgallus opened this issue Aug 1, 2015 · 0 comments
Labels
P-medium Medium priority

Comments

@mstewartgallus
Copy link
Contributor

See http://insanecoding.blogspot.ca/2007/11/pathmax-simply-isnt.html for some background. Basically, PATH_MAX just doesn't work.

Currently. Rust uses PATH_MAX in a few important places.

./src/libstd/sys/unix/fs.rs:377:let mut buf = vec![0;libc::PATH_MAX as usize];
./src/libstd/sys/unix/fs.rs:469:len = 1024; // FIXME: read PATH_MAX from C ffi?
./src/rt/rust_builtin.c:337:char buf[2*PATH_MAX], exe[2*PATH_MAX];
./src/rt/rust_builtin.c:380:snprintf(buf, 2*PATH_MAX, "%s/%s", paths[i], argv0);

Generally, the best approach to work around this is to loop and double a buffer in size until it is big enough in size to fill with the path or to query the size of the path of the file using fpathconf. I'm not sure if any filesystems on any modern OSes return -1 for the result of fpathconf. Letting things get too big opens up a DOS attack though so be careful I guess?

The fpathconf strategy or the doubling buffer strategy can be done with ./src/libstd/sys/unix/fs.rs:469 but I'm not sure how to handle the Rust cases that use realpath (unless realpath is reimplemented by hand). The C code can just use the NULL argument but I forget if there's a way to martial allocated by C data to Rust.
@Gankra Gankra added P-medium Medium priority A-libs labels Aug 2, 2015
@barosl barosl mentioned this issue Aug 21, 2015
Merged
bors added a commit that referenced this issue Aug 27, 2015
@bors
Auto merge of #27930 - barosl:path_max, r=alexcrichton
79dd92f 
This PR rewrites the code that previously relied on `PATH_MAX`.

On my tests, even though the user gives the buffer length explicitly, both Linux's glibc and OS X's libc seems to obey the hard limit of `PATH_MAX` internally. So, to truly remove the limitation of `PATH_MAX`, the related system calls should be rewritten from scratch in Rust, which this PR does not try to do.

However, eliminating the need of `PATH_MAX` is still a good idea for various reasons, such as: (1) they might change the implementation in the future, and (2) some platforms don't have a hard-coded `PATH_MAX`, such as GNU Hurd.

More details are in the commit messages.

Fixes #27454.

r? @alexcrichton
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
P-medium Medium priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Gankra @mstewartgallus