Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 15 Nov 2020 11:48:27 +0200
From:      Igor Kolesnik <igorkolesnik@posteo.net>
To:        Scott Long <scottl@FreeBSD.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r367701 - head/lib/libutil
Message-ID:  <0FE37F7D-6878-40F2-B606-A8CADFF270BF@posteo.net>
In-Reply-To: <202011150748.0AF7mqW3016900@repo.freebsd.org>
References:  <202011150748.0AF7mqW3016900@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 


> Modified: head/lib/libutil/getlocalbase.c
> ==============================================================================
> --- head/lib/libutil/getlocalbase.c	Sun Nov 15 01:54:44 2020	(r367700)
> +++ head/lib/libutil/getlocalbase.c	Sun Nov 15 07:48:52 2020	(r367701)
> @@ -41,7 +41,7 @@ __FBSDID("$FreeBSD$");
> ssize_t
> getlocalbase(char *path, size_t pathlen)
> {
> -	size_t tmplen;
> +	ssize_t tmplen;
> 	const char *tmppath;
> 
> 	if ((pathlen == 0) || (path == NULL)) {
> @@ -49,13 +49,20 @@ getlocalbase(char *path, size_t pathlen)
> 		return (-1);
> 	}
> 
> +	/* It's unlikely that the buffer would be this big */
> +	if (pathlen > SSIZE_MAX) {
> +		errno = ENOMEM;
> +		return (-1);
> +	}
> +
> 	tmppath = NULL;
> -	tmplen = pathlen;
> +	tmplen = (size_t)pathlen;

Typo?  Shouldn’t pathlen be cast to ssize_t?

> 	if (issetugid() == 0)
> 		tmppath = getenv("LOCALBASE");
> 
> 	if ((tmppath == NULL) &&
> -	    (sysctlbyname("user.localbase", path, &tmplen, NULL, 0) == 0)) {
> +	    (sysctlbyname("user.localbase", path, (size_t *)&tmplen, NULL,
> +	    0) == 0)) {
> 		return (tmplen);
> 	}
> 
> @@ -67,13 +74,13 @@ getlocalbase(char *path, size_t pathlen)
> #endif
> 
> 	tmplen = strlcpy(path, tmppath, pathlen);
> -	if ((tmplen < 0) || (tmplen >= pathlen)) {
> +	if ((tmplen < 0) || (tmplen >= (ssize_t)pathlen)) {
> 		errno = ENOMEM;
> 		return (-1);
> 	}
> 
> 	/* It's unlikely that the buffer would be this big */
> -	if (tmplen >= SSIZE_MAX) {
> +	if (tmplen > SSIZE_MAX) {
> 		errno = ENOMEM;
> 		return (-1);
> 	}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0FE37F7D-6878-40F2-B606-A8CADFF270BF>