From owner-svn-src-head@freebsd.org  Sun Nov 15 09:48:30 2020
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D17CC2E1A5D
 for <svn-src-head@mailman.nyi.freebsd.org>;
 Sun, 15 Nov 2020 09:48:30 +0000 (UTC)
 (envelope-from igorkolesnik@posteo.net)
Received: from mout02.posteo.de (mout02.posteo.de [185.67.36.66])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.posteo.de",
 Issuer "StartCom Class 3 Primary Intermediate Server CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4CYnTB4szcz3NSv
 for <svn-src-head@freebsd.org>; Sun, 15 Nov 2020 09:48:30 +0000 (UTC)
 (envelope-from igorkolesnik@posteo.net)
Received: from submission (posteo.de [89.146.220.130]) 
 by mout02.posteo.de (Postfix) with ESMTPS id 909C22400FB
 for <svn-src-head@freebsd.org>; Sun, 15 Nov 2020 10:48:28 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017;
 t=1605433708; bh=rvTJGSiw0ltosXOMYPHHqVttj3tSVTuH1tgLOk96YRo=;
 h=Subject:From:Date:Cc:To:From;
 b=F/FMiFyLS22rtLXnaS3DXs6WubCXX9iugjV4d7S+fVR5BIhhdpYCoPdBAqFg7M2x4
 fTsD75u24vDovhVxo7wmpGmTGEWFndtuRP35C3YxCw0m9VAlWDymhsniFMokXu6GJU
 ziV+h9yc5S+SAPS1BB2JXKq/iROxGQ5ieNBUw49CH2t+8DX7TrG344E/ydhpK317ew
 pkEEkJdkZ1U++KKNJvTpCMC/bxuX5RrYA+1vBnRxw9l6wOgI52ZqZrKkpymCOmBslO
 J1SA2SK2I/LwhcOmpPMdt2rrsEB1kary2gnqnVUPzViLjQlJjkW59633k3n25yk/Ah
 ZdgDGTKHWer/g==
Received: from customer (localhost [127.0.0.1])
 by submission (posteo.de) with ESMTPSA id 4CYnT76q94z6tmF;
 Sun, 15 Nov 2020 10:48:27 +0100 (CET)
Content-Type: text/plain;
	charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Subject: Re: svn commit: r367701 - head/lib/libutil
From: Igor Kolesnik <igorkolesnik@posteo.net>
In-Reply-To: <202011150748.0AF7mqW3016900@repo.freebsd.org>
Date: Sun, 15 Nov 2020 11:48:27 +0200
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <0FE37F7D-6878-40F2-B606-A8CADFF270BF@posteo.net>
References: <202011150748.0AF7mqW3016900@repo.freebsd.org>
To: Scott Long <scottl@FreeBSD.org>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-Rspamd-Queue-Id: 4CYnTB4szcz3NSv
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Nov 2020 09:48:30 -0000


> Modified: head/lib/libutil/getlocalbase.c
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- head/lib/libutil/getlocalbase.c	Sun Nov 15 01:54:44 2020	=
(r367700)
> +++ head/lib/libutil/getlocalbase.c	Sun Nov 15 07:48:52 2020	=
(r367701)
> @@ -41,7 +41,7 @@ __FBSDID("$FreeBSD$");
> ssize_t
> getlocalbase(char *path, size_t pathlen)
> {
> -	size_t tmplen;
> +	ssize_t tmplen;
> 	const char *tmppath;
>=20
> 	if ((pathlen =3D=3D 0) || (path =3D=3D NULL)) {
> @@ -49,13 +49,20 @@ getlocalbase(char *path, size_t pathlen)
> 		return (-1);
> 	}
>=20
> +	/* It's unlikely that the buffer would be this big */
> +	if (pathlen > SSIZE_MAX) {
> +		errno =3D ENOMEM;
> +		return (-1);
> +	}
> +
> 	tmppath =3D NULL;
> -	tmplen =3D pathlen;
> +	tmplen =3D (size_t)pathlen;

Typo?  Shouldn=E2=80=99t pathlen be cast to ssize_t?

> 	if (issetugid() =3D=3D 0)
> 		tmppath =3D getenv("LOCALBASE");
>=20
> 	if ((tmppath =3D=3D NULL) &&
> -	    (sysctlbyname("user.localbase", path, &tmplen, NULL, 0) =3D=3D=
 0)) {
> +	    (sysctlbyname("user.localbase", path, (size_t *)&tmplen, =
NULL,
> +	    0) =3D=3D 0)) {
> 		return (tmplen);
> 	}
>=20
> @@ -67,13 +74,13 @@ getlocalbase(char *path, size_t pathlen)
> #endif
>=20
> 	tmplen =3D strlcpy(path, tmppath, pathlen);
> -	if ((tmplen < 0) || (tmplen >=3D pathlen)) {
> +	if ((tmplen < 0) || (tmplen >=3D (ssize_t)pathlen)) {
> 		errno =3D ENOMEM;
> 		return (-1);
> 	}
>=20
> 	/* It's unlikely that the buffer would be this big */
> -	if (tmplen >=3D SSIZE_MAX) {
> +	if (tmplen > SSIZE_MAX) {
> 		errno =3D ENOMEM;
> 		return (-1);
> 	}