Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 15 Nov 2020 07:48:52 +0000 (UTC)
From:      Scott Long <scottl@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r367701 - head/lib/libutil
Message-ID:  <202011150748.0AF7mqW3016900@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: scottl
Date: Sun Nov 15 07:48:52 2020
New Revision: 367701
URL: https://svnweb.freebsd.org/changeset/base/367701

Log:
  Because getlocalbase() returns -1 on error, it needs to use a signed type
  internally.  Do that, and make sure that conversations between signed and
  unsigned don't overflow

Modified:
  head/lib/libutil/getlocalbase.c

Modified: head/lib/libutil/getlocalbase.c
==============================================================================
--- head/lib/libutil/getlocalbase.c	Sun Nov 15 01:54:44 2020	(r367700)
+++ head/lib/libutil/getlocalbase.c	Sun Nov 15 07:48:52 2020	(r367701)
@@ -41,7 +41,7 @@ __FBSDID("$FreeBSD$");
 ssize_t
 getlocalbase(char *path, size_t pathlen)
 {
-	size_t tmplen;
+	ssize_t tmplen;
 	const char *tmppath;
 
 	if ((pathlen == 0) || (path == NULL)) {
@@ -49,13 +49,20 @@ getlocalbase(char *path, size_t pathlen)
 		return (-1);
 	}
 
+	/* It's unlikely that the buffer would be this big */
+	if (pathlen > SSIZE_MAX) {
+		errno = ENOMEM;
+		return (-1);
+	}
+
 	tmppath = NULL;
-	tmplen = pathlen;
+	tmplen = (size_t)pathlen;
 	if (issetugid() == 0)
 		tmppath = getenv("LOCALBASE");
 
 	if ((tmppath == NULL) &&
-	    (sysctlbyname("user.localbase", path, &tmplen, NULL, 0) == 0)) {
+	    (sysctlbyname("user.localbase", path, (size_t *)&tmplen, NULL,
+	    0) == 0)) {
 		return (tmplen);
 	}
 
@@ -67,13 +74,13 @@ getlocalbase(char *path, size_t pathlen)
 #endif
 
 	tmplen = strlcpy(path, tmppath, pathlen);
-	if ((tmplen < 0) || (tmplen >= pathlen)) {
+	if ((tmplen < 0) || (tmplen >= (ssize_t)pathlen)) {
 		errno = ENOMEM;
 		return (-1);
 	}
 
 	/* It's unlikely that the buffer would be this big */
-	if (tmplen >= SSIZE_MAX) {
+	if (tmplen > SSIZE_MAX) {
 		errno = ENOMEM;
 		return (-1);
 	}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202011150748.0AF7mqW3016900>