[patch] Fix g10/exec.c (make_tempdir) [_WIN32] not properly handling GetTempPath

Israel G. Lugo ilugo at bridonsecurity.com
Sat May 27 04:05:56 CEST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 

David Shaw wrote:
> Regular paths (as opposed to Unicode) are limited to 260 bytes -
> MAX_PATH.  Even with this patch, if the user managed to specify a
> temporary directory longer than 260 bytes, we still wouldn't be
> able to write a file into it.
>
> [...]
>
> GnuPG doesn't use the Unicode functions in Win32.  It would be
> decidedly non-trivial to change over all file handling to use
> wchar_t everywhere, especially as it would render a lot of code
> non-portable.
Oh, good point. I hadn't noticed that particular section. This would
indeed mean most of the benefits would only really apply if we
supported Unicode.

There is still the point of introducing the least amount of
limitations of our own, all things being equal (so as to be as
future-proof as possible). That would be the main reason I would see
for applying this patch. However, since no other place in the program
would even function with paths larger than 260 bytes, making the
change here would be of little consequence. Also, since it is
documented that paths are no longer than 260 bytes, GPG would very
likely not be the only program in these conditions.

The only real benefit I can see, then, would be that using only the
required amount of memory to hold the tmp path (e.g. not allocating
260 bytes to possibly hold something as small as "c:\temp"). However,
since tmp is being freed shortly after being allocated, that doesn't
really make much of a difference either.

Well, at least the crash bug is fixed :)

Israel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
iD8DBQFEd7QEgn9msFnMGkcRArsPAKDrNJAdINWWn1r7SQHFA/h9YWoBQQCeMi0Z
Hr0lotYZS+UwL3bjibGD5y0=
=HFzW
-----END PGP SIGNATURE-----




More information about the Gnupg-devel mailing list