Created attachment 207388
I'm getting a segfault when calling basename(3) on FreeBSD 12.0 and CURRENT. See attached source for an easy to use reproducer.
This might be a case of "don't do that", but the same code on Linux works.
basename is allowed to modify the passed buffer. This is documented on both FreeBSD and Linux. In the attached example the string is immutable; an attempt to modify it is undefined behavior, and a crash (as observed) is the likely outcome.
The FreeBSD implementation happens to always at least add a NUL byte, which triggers the crash here, while the Linux one does not modify the string if there is nothing to do.
The program will trivially crash if the string is modified to get basename to operate, e.g. by adding trailing slashes: "/home/tags///".
Finally, the Linux manpage explicitly shows usage with a copied buffer:
    The following code snippet demonstrates the use of basename() and dirname():

        char *dirc, *basec, *bname, *dname;
        char *path = "/etc/passwd";

        dirc = strdup(path);
        basec = strdup(path);
        dname = dirname(dirc);
        bname = basename(basec);
        printf("dirname=%s, basename=%s\n", dname, bname);

That said, there is no bug in the FreeBSD version, and the code does not crash on Linux because of a combination of an artifact of the implementation and the passed argument. The FreeBSD variant can be modified to match but there is real benefit to it.
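
The copy-before-call pattern from the manpage excerpt above, wrapped in a helper that is safe to call on string literals. This is an added example, not code from the report, FreeBSD or glibc; `safe_basename` and `copy_string` are hypothetical names and the sample paths are constructed.

```c
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* copy_string (hypothetical helper): heap copy of s, or NULL on failure. */
static char *copy_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p ? memcpy(p, s, n) : NULL;
}

/*
 * safe_basename (hypothetical helper): last component of path as a new heap
 * string. The caller's buffer is never written to, so string literals and
 * other read-only memory are safe to pass. Caller frees the result.
 */
char *safe_basename(const char *path)
{
    if (path == NULL)
        return NULL;
    /* basename(3) may modify its argument: give it a private, writable copy. */
    char *scratch = copy_string(path);
    if (scratch == NULL)
        return NULL;
    /* The result may point into scratch or into static storage, so copy it
     * out before scratch is released. */
    char *result = copy_string(basename(scratch));
    free(scratch);
    return result;
}

int main(void)
{
    /* Constructed sample paths; as literals they typically sit in read-only memory. */
    const char *samples[] = { "/home/tags", "/home/tags///", "/etc/passwd", "/" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char *b = safe_basename(samples[i]);
        if (b == NULL)
            return 1;
        printf("%-16s -> %s\n", samples[i], b);
        free(b);
    }
    return 0;
}
```

Because the helper takes `const char *`, the compiler also rejects any later attempt to write through the argument inside it.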