Re: minidlna buffer overflow on netbsd-8/amd64

["John D. Baker" <jdbaker%consolidated.net@localhost>]

On Sat, 26 Oct 2019, maya%NetBSD.org@localhost wrote:

> As a starting point, it uses MAXPATHLEN as a buffer size. I think it
> should be MAXPATHLEN+1 (or PATH_MAX) to avoid an overflow with the null
> byte.
> (Highly unlikely this could be abused).

So, I did global search and destroy^Wreplace of MAXPATHLEN with PATH_MAX
and the resulting binary behaves the same.  Still gets overflow and
terminated.

> Will overflow the file buffer if it's a really long pathname and it ends
> with, say, /really/long/path.

My directory hierarchy of media files hasn't changed since minidlna
last worked properly, so path lengths haven't gotten any longer than
before.  I don't recall now if the breakage occurred when I upgraded
from netbsd-7 to netbsd-8 on the machine.  Maybe.

Not sure about the other items you mentioned.

-- 
|/"\ John D. Baker, KN5UKS               NetBSD     Darwin/MacOS X
|\ / jdbaker[snail]consolidated[flyspeck]net  OpenBSD            FreeBSD
| X  No HTML/proprietary data in email.   BSD just sits there and works!
|/ \ GPGkeyID:  D703 4A7E 479F 63F8 D3F4  BD99 9572 8F23 E4AD 1645