File: https://github.com/freebsd/freebsd/blob/master/contrib/mdocml/mandocdb.c#L613 i.e if (realpath(path, buf) == NULL) { This function does not protect against buffer overflows, and some implementations can overflow internally. Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. realpath() output buffers should be large enough to handle the maximum-size possible result from path manipulation functions, at least of size PATH_MAX
There is no possible overflow in the line you are pointing out: - there's no user input involved - path value comes from fts_read(3) - buf is of PATH_MAX size
In addition to the reasons given by Yuri, our realpath does not overflow a PATH_MAX output buffer.