FreeBSD Bugzilla – Attachment 219005 Details for
Bug 250489
devel/opencvs: unportable basename(3) usage
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Accommodate POSIX basename(3) that takes a non-const parameter
cvs.patch (text/plain), 9.21 KB, created by
Christian Weisgerber
on 2020-10-23 15:38:49 UTC
(
hide
)
Description:
Accommodate POSIX basename(3) that takes a non-const parameter
Filename:
MIME Type:
Creator:
Christian Weisgerber
Created:
2020-10-23 15:38:49 UTC
Size:
9.21 KB
patch
obsolete
>--- admin.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ admin.c 2020-10-23 17:31:04.762476000 +0200 >@@ -246,12 +246,17 @@ > struct cvs_file *ocf; > struct rcs_access *acp; > int ofd; >- char *d, *f, fpath[PATH_MAX], repo[PATH_MAX]; >+ char *d, dbuf[PATH_MAX], *f, fbuf[PATH_MAX]; >+ char fpath[PATH_MAX], repo[PATH_MAX]; > >- >- if ((f = basename(oldfilename)) == NULL) >+ if (strlcpy(fbuf, oldfilename, sizeof(fbuf)) >= sizeof(fbuf)) >+ fatal("cvs_admin_local: truncation"); >+ if ((f = basename(fbuf)) == NULL) > fatal("cvs_admin_local: basename failed"); >- if ((d = dirname(oldfilename)) == NULL) >+ >+ if (strlcpy(dbuf, oldfilename, sizeof(dbuf)) >= sizeof(dbuf)) >+ fatal("cvs_admin_local: truncation"); >+ if ((d = dirname(dbuf)) == NULL) > fatal("cvs_admin_local: dirname failed"); > > cvs_get_repository_path(d, repo, PATH_MAX); >--- checkout.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ checkout.c 2020-10-23 17:31:04.763063000 +0200 >@@ -239,7 +239,7 @@ > struct module_checkout *mc; > struct cvs_ignpat *ip; > struct cvs_filelist *fl, *nxt; >- char repo[PATH_MAX], fpath[PATH_MAX], *f[1]; >+ char repo[PATH_MAX], fpath[PATH_MAX], path[PATH_MAX], *f[1]; > > build_dirs = print_stdout ? 0 : 1; > >@@ -329,14 +329,25 @@ > cr.flags = flags; > > if (!(mc->mc_flags & MODULE_ALIAS)) { >+ if (strlcpy(path, fl->file_path, >+ sizeof(path)) >= sizeof(path)) >+ fatal("%s: truncation", >+ __func__); > module_repo_root = >- xstrdup(dirname(fl->file_path)); >+ xstrdup(dirname(path)); > d = wdir; >+ if (strlcpy(path, fl->file_path, >+ sizeof(path)) >= sizeof(path)) >+ fatal("%s: truncation", >+ __func__); > (void)xsnprintf(fpath, sizeof(fpath), >- "%s/%s", d, >- basename(fl->file_path)); >+ "%s/%s", d, basename(path)); > } else { >- d = dirname(wdir); >+ if (strlcpy(path, wdir, >+ sizeof(path)) >= sizeof(path)) >+ fatal("%s: truncation", >+ __func__); >+ d = dirname(path); > strlcpy(fpath, fl->file_path, > sizeof(fpath)); > } >@@ -387,7 +398,7 @@ > static int > checkout_classify(const char *repo, const char *arg) > { >- char *d, *f, fpath[PATH_MAX]; >+ char *d, dbuf[PATH_MAX], *f, fbuf[PATH_MAX], fpath[PATH_MAX]; > struct stat sb; > > if (stat(repo, &sb) == 0) { >@@ -395,8 +406,13 @@ > return CVS_DIR; > } > >- d = dirname(repo); >- f = basename(repo); >+ if (strlcpy(dbuf, repo, sizeof(dbuf)) >= sizeof(dbuf)) >+ fatal("checkout_classify: truncation"); >+ d = dirname(dbuf); >+ >+ if (strlcpy(fbuf, repo, sizeof(fbuf)) >= sizeof(fbuf)) >+ fatal("checkout_classify: truncation"); >+ f = basename(fbuf); > > (void)xsnprintf(fpath, sizeof(fpath), "%s/%s%s", d, f, RCS_FILE_EXT); > if (stat(fpath, &sb) == 0) { >--- client.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ client.c 2020-10-23 17:31:04.763738000 +0200 >@@ -157,6 +157,7 @@ > { > CVSENTRIES *entlist; > char *entry, *parent, *base, *p; >+ char basebuf[PATH_MAX], parentbuf[PATH_MAX]; > > STRIP_SLASH(data); > >@@ -174,10 +175,14 @@ > if (cvs_cmdop == CVS_OP_EXPORT) > return; > >- if ((base = basename(data)) == NULL) >+ if (strlcpy(basebuf, data, sizeof(basebuf)) >= sizeof(basebuf)) >+ fatal("client_check_directory: truncation"); >+ if ((base = basename(basebuf)) == NULL) > fatal("client_check_directory: overflow"); > >- if ((parent = dirname(data)) == NULL) >+ if (strlcpy(parentbuf, data, sizeof(parentbuf)) >= sizeof(parentbuf)) >+ fatal("client_check_directory: truncation"); >+ if ((parent = dirname(parentbuf)) == NULL) > fatal("client_check_directory: overflow"); > > if (!strcmp(parent, ".")) >@@ -798,7 +803,7 @@ > struct timeval tv[2]; > struct tm datetm; > char timebuf[CVS_TIME_BUFSZ], *repo, *rpath, *entry, *mode; >- char *len, *fpath, *wdir; >+ char *len, *fpath, *wdir, wdirbuf[PATH_MAX]; > > if (data == NULL) > fatal("Missing argument for Merged"); >@@ -819,7 +824,9 @@ > fatal("received a repository path that is too short"); > > fpath = rpath + strlen(repo) + 1; >- if ((wdir = dirname(fpath)) == NULL) >+ if (strlcpy(wdirbuf, fpath, sizeof(wdirbuf)) >= sizeof(wdirbuf)) >+ fatal("cvs_client_merged: truncation"); >+ if ((wdir = dirname(wdirbuf)) == NULL) > fatal("cvs_client_merged: dirname: %s", strerror(errno)); > free(repo); > >--- file.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ file.c 2020-10-23 17:31:04.764339000 +0200 >@@ -266,7 +266,8 @@ > struct stat st; > struct cvs_file *cf; > struct cvs_filelist *l, *nxt; >- char *d, *f, repo[PATH_MAX], fpath[PATH_MAX]; >+ char *d, dbuf[PATH_MAX], *f, fbuf[PATH_MAX]; >+ char repo[PATH_MAX], fpath[PATH_MAX]; > > for (l = RB_MIN(cvs_flisthead, fl); l != NULL; l = nxt) { > if (cvs_quit) >@@ -275,9 +276,14 @@ > cvs_log(LP_TRACE, "cvs_file_walklist: element '%s'", > l->file_path); > >- if ((f = basename(l->file_path)) == NULL) >+ if (strlcpy(fbuf, l->file_path, sizeof(fbuf)) >= sizeof(fbuf)) >+ fatal("cvs_file_walklist: truncation"); >+ if ((f = basename(fbuf)) == NULL) > fatal("cvs_file_walklist: basename failed"); >- if ((d = dirname(l->file_path)) == NULL) >+ >+ if (strlcpy(dbuf, l->file_path, sizeof(dbuf)) >= sizeof(dbuf)) >+ fatal("cvs_file_walklist: truncation"); >+ if ((d = dirname(dbuf)) == NULL) > fatal("cvs_file_walklist: dirname failed"); > > type = l->type; >--- logmsg.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ logmsg.c 2020-10-23 17:31:04.764897000 +0200 >@@ -100,6 +100,7 @@ > struct cvs_filelist *cf; > struct stat st1, st2; > char *fpath, *logmsg, repo[PATH_MAX]; >+ char *f, path[PATH_MAX]; > struct stat st; > struct trigger_list *line_list; > struct trigger_line *line; >@@ -165,28 +166,46 @@ > > if (added != NULL && !RB_EMPTY(added)) { > fprintf(fp, "%s Added Files:", CVS_LOGMSG_PREFIX); >- RB_FOREACH(cf, cvs_flisthead, added) >- fprintf(fp, "\n%s\t%s", CVS_LOGMSG_PREFIX, >- dir != NULL ? basename(cf->file_path) : >- cf->file_path); >+ RB_FOREACH(cf, cvs_flisthead, added) { >+ f = cf->file_path; >+ if (dir != NULL) { >+ if (strlcpy(path, f, sizeof(path)) >= >+ sizeof(path)) >+ fatal("cvs_logmsg_create: truncation"); >+ f = basename(path); >+ } >+ fprintf(fp, "\n%s\t%s", CVS_LOGMSG_PREFIX, f); >+ } > fputs("\n", fp); > } > > if (removed != NULL && !RB_EMPTY(removed)) { > fprintf(fp, "%s Removed Files:", CVS_LOGMSG_PREFIX); >- RB_FOREACH(cf, cvs_flisthead, removed) >- fprintf(fp, "\n%s\t%s", CVS_LOGMSG_PREFIX, >- dir != NULL ? basename(cf->file_path) : >- cf->file_path); >+ RB_FOREACH(cf, cvs_flisthead, removed) { >+ f = cf->file_path; >+ if (dir != NULL) { >+ if (strlcpy(path, f, sizeof(path)) >= >+ sizeof(path)) >+ fatal("cvs_logmsg_create: truncation"); >+ f = basename(path); >+ } >+ fprintf(fp, "\n%s\t%s", CVS_LOGMSG_PREFIX, f); >+ } > fputs("\n", fp); > } > > if (modified != NULL && !RB_EMPTY(modified)) { > fprintf(fp, "%s Modified Files:", CVS_LOGMSG_PREFIX); >- RB_FOREACH(cf, cvs_flisthead, modified) >- fprintf(fp, "\n%s\t%s", CVS_LOGMSG_PREFIX, >- dir != NULL ? basename(cf->file_path) : >- cf->file_path); >+ RB_FOREACH(cf, cvs_flisthead, modified) { >+ f = cf->file_path; >+ if (dir != NULL) { >+ if (strlcpy(path, f, sizeof(path)) >= >+ sizeof(path)) >+ fatal("cvs_logmsg_create: truncation"); >+ f = basename(path); >+ } >+ fprintf(fp, "\n%s\t%s", CVS_LOGMSG_PREFIX, f); >+ } > fputs("\n", fp); > } > >--- rcs.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ rcs.c 2020-10-23 17:31:04.765876000 +0200 >@@ -2190,8 +2190,8 @@ > int kwtype; > u_int j, found; > const u_char *c, *start, *fin, *end; >- char *kwstr; >- char expbuf[256], buf[256]; >+ char *kwstr, *rcsfile_basename; >+ char expbuf[256], buf[256], path[PATH_MAX]; > size_t clen, kwlen, len, tlen; > > kwtype = 0; >@@ -2209,6 +2209,10 @@ > /* Final character in buffer. */ > fin = c + len - 1; > >+ if (strlcpy(path, rcsfile, sizeof(path)) >= sizeof(path)) >+ fatal("rcs_kwexp_line: truncation"); >+ rcsfile_basename = basename(path); >+ > /* > * Keyword formats: > * $Keyword$ >@@ -2307,7 +2311,7 @@ > if (mode & RCS_KWEXP_VAL) { > if (kwtype & RCS_KW_RCSFILE) { > if (!(kwtype & RCS_KW_FULLPATH)) >- (void)strlcat(expbuf, basename(rcsfile), >+ (void)strlcat(expbuf, rcsfile_basename, > sizeof(expbuf)); > else > (void)strlcat(expbuf, rcsfile, >@@ -2383,7 +2387,7 @@ > /* Log line */ > if (!(kwtype & RCS_KW_FULLPATH)) > (void)strlcat(expbuf, >- basename(rcsfile), sizeof(expbuf)); >+ rcsfile_basename, sizeof(expbuf)); > else > (void)strlcat(expbuf, rcsfile, > sizeof(expbuf)); >--- server.c.orig 2016-02-06 23:25:25.000000000 +0100 >+++ server.c 2020-10-23 17:31:04.766443000 +0200 >@@ -324,6 +324,7 @@ > { > CVSENTRIES *entlist; > char *dir, *repo, *parent, *entry, *dirn, *p; >+ char parentbuf[PATH_MAX], dirnbuf[PATH_MAX]; > > if (current_cvsroot == NULL) > fatal("No Root specified for Directory"); >@@ -350,10 +351,14 @@ > > cvs_mkpath(p, NULL); > >- if ((dirn = basename(p)) == NULL) >+ if (strlcpy(dirnbuf, p, sizeof(dirnbuf)) >= sizeof(dirnbuf)) >+ fatal("cvs_server_directory: truncation"); >+ if ((dirn = basename(dirnbuf)) == NULL) > fatal("cvs_server_directory: %s", strerror(errno)); > >- if ((parent = dirname(p)) == NULL) >+ if (strlcpy(parentbuf, p, sizeof(parentbuf)) >= sizeof(parentbuf)) >+ fatal("cvs_server_directory: truncation"); >+ if ((parent = dirname(parentbuf)) == NULL) > fatal("cvs_server_directory: %s", strerror(errno)); > > if (strcmp(parent, ".")) {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 250489
: 219005