The SWI-Prolog GIT repositories

SECURITY: Possible buffer overflows when expanding file-names with long
authorJan Wielemaker <J.Wielemaker@cs.vu.nl>
Sun, 16 Dec 2012 16:29:37 +0000 (17:29 +0100)
committerJan Wielemaker <J.Wielemaker@cs.vu.nl>
Sun, 16 Dec 2012 20:59:30 +0000 (21:59 +0100)
commitb2c88972e7515ada025e97e7d3ce3e34f81cf33e
treec4c8846675830ee7d3228625fad7df1335bed388
parenta13e8ffe767ae16583af89649c9fde9c3e91c208
SECURITY: Possible buffer overflows when expanding file-names with long
paths.  Affects expand_file_name/2.

Can lead to crashes (DoS attacks) and possibly execution of arbitrary
code if an attacker can control the names of the files searched for,
e.g., if expand_file_name/2 is used in a directory to which an attacker
can upload files for which he can control the name.
src/os/pl-glob.c

Further information about the SWI-Prolog GIT repositories