Fix error handling when reading binary path from /proc

On Linux, Hurd, Cygwin, DragonFly BSD and Solaris/Illumos, Kakoune obtains
a path to its binary by reading the appropriate /proc symlink target.
readlink() can fail or it can fill the entire buffer, silently truncating
the path if the buffer is too small.

kak_assert() is compiled out in non-debug builds so we ignore a readlink()
failure, corrupt the stack by writing to buffer[-1] then return a string
from the uninitialised buffer.

If readlink() succeeds and the binary path is sizeof(buffer) long, we write
a \0 terminator beyond its end. If it is longer, we also truncate the path.

Throw a fatal error on startup in all these unlikely failure cases.
This commit is contained in:
Chris Webb 2024-05-12 12:11:04 +01:00 committed by Maxime Coste
parent 0e92b3fdef
commit 97a5d68adf

View File

@ -634,7 +634,8 @@ String get_kak_binary_path()
char buffer[2048];
#if defined(__linux__) or defined(__CYGWIN__) or defined(__gnu_hurd__)
ssize_t res = readlink("/proc/self/exe", buffer, 2048);
kak_assert(res != -1);
if (res == -1 || res >= 2048)
throw runtime_error("unable to get the executable path");
buffer[res] = '\0';
return buffer;
#elif defined(__FreeBSD__) or defined(__NetBSD__)
@ -662,7 +663,8 @@ String get_kak_binary_path()
return path.Path();
#elif defined(__DragonFly__)
ssize_t res = readlink("/proc/curproc/file", buffer, 2048);
kak_assert(res != -1);
if (res == -1 || res >= 2048)
throw runtime_error("unable to get the executable path");
buffer[res] = '\0';
return buffer;
#elif defined(__OpenBSD__)
@ -670,7 +672,8 @@ String get_kak_binary_path()
return KAK_BIN_PATH;
#elif defined(__sun__)
ssize_t res = readlink("/proc/self/path/a.out", buffer, 2048);
kak_assert(res != -1);
if (res == -1 || res >= 2048)
throw runtime_error("unable to get the executable path");
buffer[res] = '\0';
return buffer;
#else