From f617ccc64408e36250216b02e61373cfdbccf98b Mon Sep 17 00:00:00 2001
From: Myles Borins <myles.borins@gmail.com>
Date: Mon, 25 Apr 2016 09:07:37 -0700
Subject: [PATCH] unix: error on realpath if PATH_MAX is undefined
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Currently when PATH_MAX is undefined realpath will default to using 4096.
There is a potential stack overflow attack that can be mitigated by having
PATH_MAX defined. This change conservatively errors if a system does not
have PATH_MAX defined.

This change also explicitly includes `limits.h` to ensure that all platforms
have PATH_MAX defined if it is available.

Ref: http://pubs.opengroup.org/onlinepubs/9699919799/functions/realpath.html

Refs: https://github.com/nodejs/node/issues/2680#issuecomment-213521708
PR-URL: https://github.com/libuv/libuv/pull/843
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
---
 src/unix/fs.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/unix/fs.c b/src/unix/fs.c
index 419961c0..5235d865 100644
--- a/src/unix/fs.c
+++ b/src/unix/fs.c
@@ -33,6 +33,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h> /* PATH_MAX */
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -390,7 +391,7 @@ static ssize_t uv__fs_pathmax_size(const char* path) {
 #if defined(PATH_MAX)
     return PATH_MAX;
 #else
-    return 4096;
+#error "PATH_MAX undefined in the current platform"
 #endif
   }