Using fseek and ftell to determine the size of a file has a vulnerability?


Problem description


I've read posts that show how to use fseek and ftell to determine the size of a file.

#include <stdio.h>
#include <stdlib.h>

int main(void)
{
    FILE *fp;
    long file_size;
    char *buffer;

    fp = fopen("foo.bin", "r");
    if (NULL == fp) {
        perror("fopen");            /* Handle Error */
        return EXIT_FAILURE;
    }
    if (fseek(fp, 0, SEEK_END) != 0) {
        perror("fseek");            /* Handle Error */
        fclose(fp);
        return EXIT_FAILURE;
    }
    file_size = ftell(fp);
    if (file_size < 0) {            /* ftell() returns -1L on failure */
        perror("ftell");
        fclose(fp);
        return EXIT_FAILURE;
    }
    buffer = (char *)malloc(file_size);
    if (NULL == buffer) {           /* handle error */
        fclose(fp);
        return EXIT_FAILURE;
    }
    /* ... read the file into buffer here ... */
    free(buffer);
    fclose(fp);
    return EXIT_SUCCESS;
}

I was about to use this technique but then I ran into this link (https://www.securecoding.cert.org/confluence/display/seccode/FIO19-C.+Do+not+use+fseek%28%29+and+ftell%28%29+to+compute+the+size+of+a+file) that describes a potential vulnerability.


The link recommends using fstat instead. Can anyone comment on this?

Recommended answer


The link is one of the many nonsensical pieces of C coding advice from CERT. Their justification is based on liberties the C standard allows an implementation to take, but which are not allowed by POSIX and thus irrelevant in all cases where you have fstat as an alternative.

POSIX requires:

1. that the "b" modifier for fopen have no effect, i.e. that text and binary mode behave identically. This means their concern about invoking UB on text files is nonsense.

2. that files have a byte-resolution size set by write operations and truncate operations. This means their concern about random numbers of null bytes at the end of the file is nonsense.


Sadly with all the nonsense like this they publish, it's hard to know which CERT publications to take seriously. Which is a shame, because lots of them are serious.
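As an added example (not part of the question or the answer above, and not CERT's code), here is the fstat() approach the answer recommends, placed beside a fully checked version of the question's fseek/ftell approach. It assumes a POSIX system; the function names file_size_fstat, file_size_seek, read_whole_file and make_sample_file are chosen here, and the sample file under /tmp is constructed by the demo helper. Two checks the question's snippet lacks are shown: rejecting streams that are not regular files (where st_size and a seek-to-end value mean nothing), and treating ftell()'s -1L failure return as an error instead of passing it to malloc(). The reader also verifies the fread() count so that a file changing size between sizing and reading is reported rather than silently truncated.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* fileno(), fstat(), mkstemp() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/stat.h>

/* Size of the regular file behind fp, via fstat(). Returns -1 when the stream
 * is not a regular file (directory, pipe, tty, device: st_size means nothing
 * there, and fseek/ftell would "succeed" with a meaningless value) or on error. */
long long file_size_fstat(FILE *fp)
{
    struct stat st;
    int fd = fileno(fp);
    if (fd < 0 || fstat(fd, &st) != 0)
        return -1;
    if (!S_ISREG(st.st_mode)) {
        errno = EINVAL;
        return -1;
    }
    return (long long)st.st_size;
}

/* The question's technique with every return value checked: ftell() reports
 * failure as -1L, which an unchecked malloc((size_t)-1) turns into a huge
 * allocation. The original stream position is restored before returning. */
long long file_size_seek(FILE *fp)
{
    long saved = ftell(fp);
    if (saved < 0)
        return -1;
    if (fseek(fp, 0L, SEEK_END) != 0)
        return -1;
    long end = ftell(fp);
    if (fseek(fp, saved, SEEK_SET) != 0)
        return -1;
    return end < 0 ? -1 : (long long)end;
}

/* Read an entire regular file into a malloc()'d buffer sized with fstat().
 * The byte count is verified after fread(): a file that grew or shrank between
 * sizing and reading is an error, not a silently truncated buffer. */
unsigned char *read_whole_file(const char *path, size_t *out_len)
{
    FILE *fp = fopen(path, "rb");
    if (fp == NULL)
        return NULL;
    long long size = file_size_fstat(fp);
    if (size < 0 || (unsigned long long)size > SIZE_MAX) {
        fclose(fp);
        return NULL;
    }
    /* malloc(0) may legitimately return NULL; allocate at least one byte. */
    unsigned char *buf = malloc(size > 0 ? (size_t)size : 1);
    if (buf == NULL) {
        fclose(fp);
        return NULL;
    }
    size_t got = fread(buf, 1, (size_t)size, fp);
    fclose(fp);
    if (got != (size_t)size) {
        free(buf);
        return NULL;
    }
    *out_len = got;
    return buf;
}

/* Demo helper (constructed input): create a temporary file holding n bytes
 * of 'A'. Returns a malloc()'d path the caller must unlink() and free(). */
char *make_sample_file(size_t n)
{
    char tmpl[] = "/tmp/fsize-demo-XXXXXX";
    int fd = mkstemp(tmpl);
    if (fd < 0)
        return NULL;
    unsigned char chunk[256];
    memset(chunk, 'A', sizeof chunk);
    size_t left = n;
    while (left > 0) {
        size_t want = left < sizeof chunk ? left : sizeof chunk;
        ssize_t w = write(fd, chunk, want);
        if (w <= 0) {
            close(fd);
            unlink(tmpl);
            return NULL;
        }
        left -= (size_t)w;
    }
    close(fd);
    char *path = malloc(sizeof tmpl);
    if (path != NULL)
        memcpy(path, tmpl, sizeof tmpl);
    else
        unlink(tmpl);
    return path;
}
```

On a POSIX system both functions return the same value for a regular file, which is the answer's point; the difference is in what happens on everything else: file_size_fstat refuses a directory or a pipe outright, while a seek-to-end on such a stream may return 0 or some other number that a caller would happily pass to malloc().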
