Bug#993373: Use-after-free bug in realpath()
Dear Antonin
Thanks for your replay.
On Tuesday, August 31, 2021 4:04 PM, Antonin Décimo <antonin.decimo@gmail.com> wrote:
Last year I wrote a lot of patches for pmount, amongst which two
remove the bundled implementation of realpath and switch to the
"modern" interface
char *realpath(const char *restrict path, NULL);
[...]
Instead of the patch you send, why not drop it completely like I did?
Definitely the better option in any regard! I feared the packages is not
well-maintained, so I opted for a patch which doesn't touch much hoping
to reduce maintenance burden and get this fixed easily. (And also because
I don't program C and don't know the (often subtle) differences in those
implementations).
I'm also afraid that the Debian package is unmaintained.
Sad news. So I guess the best is to avoid pmount packages for now.
I wasn't ready to release my updated pmount as the current head commit
is broken, and I haven't had time to fix it. I also need to convince
myself that the commit history looks good and that I haven't
introduced more bugs than I've fixed.
If you have some time to spare, please take a look!
Nice to see that someone gave some love to pmount in the last years!
I tested your HEAD but as you mentioned it's doesn't work.
As I said, I don't program C, so probably can't help you with that problem.
I hope you're fork will become the source eventually.
Maybe linking to your repo instead of a dead alioth-archive page would rise
its visibility, getting one step closer to that goal.
Regards
Madie
Reply to: