Page MenuHomeFreeBSD

D27227.diff
No OneTemporary

D27227.diff

Index: lib/libutil/getlocalbase.c
===================================================================
--- lib/libutil/getlocalbase.c
+++ lib/libutil/getlocalbase.c
@@ -41,29 +41,25 @@
ssize_t
getlocalbase(char *path, size_t pathlen)
{
- ssize_t tmplen;
+ size_t tmplen, miblen;
const char *tmppath;
+ int mib[4];
- if ((pathlen == 0) || (path == NULL)) {
+ /* It's unlikely that the buffer would be this big */
+ if ((pathlen == 0) || (pathlen > SSIZE_MAX) || (path == NULL)) {
errno = EINVAL;
return (-1);
}
- /* It's unlikely that the buffer would be this big */
- if (pathlen > SSIZE_MAX) {
- errno = ENOMEM;
- return (-1);
- }
-
tmppath = NULL;
- tmplen = (size_t)pathlen;
+ tmplen = pathlen;
if (issetugid() == 0)
tmppath = getenv("LOCALBASE");
- if ((tmppath == NULL) &&
- (sysctlbyname("user.localbase", path, (size_t *)&tmplen, NULL,
- 0) == 0)) {
- return (tmplen);
+ if (tmppath == NULL) {
+ sysctlnametomib("user.localbase", mib, &miblen);
+ if (sysctl(mib, 4, path, &tmplen, NULL, 0) == 0)
+ return (tmplen);
}
if (tmppath == NULL)
@@ -73,17 +69,20 @@
tmppath = "/usr/local";
#endif
+ /*
+ * If strlcpy() overflowed the size of the provided buffer then just
+ * return an error.
+ */
tmplen = strlcpy(path, tmppath, pathlen);
- if ((tmplen < 0) || (tmplen >= (ssize_t)pathlen)) {
+ if (tmplen >= pathlen) {
errno = ENOMEM;
return (-1);
}
- /* It's unlikely that the buffer would be this big */
- if (tmplen > SSIZE_MAX) {
- errno = ENOMEM;
- return (-1);
- }
-
+ /*
+ * tmplen can't be larger than pathlen, and pathlen was already
+ * checked to make sure it wouldn't overflow the ssize_t. Thus this
+ * cast is safe.
+ */
return ((ssize_t)tmplen);
}

File Metadata

Mime Type
text/plain
Expires
Sun, Jul 5, 10:31 AM (17 h, 53 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
34627551
Default Alt Text
D27227.diff (1 KB)

Event Timeline