Hello! As a preparation exercise for GSoC, I have fixed the PATH_MAX issue in three Debian packages: nekobee, whysynth and libsepol. There is no real reason I picked these packages, they were just first in the list here:
https://buildd.debian.org/stats/?arch=hurd-i386&state=Failed Note that they are currently untested. Also note that I did not take the opportunity to fix unrelated bugs, such as in the cases where the code does not check the return value of snprintf. In those cases, I also just ignore the return value of asprintf, since I don't know what would be the appropriate way to handle such error anyway. As per request, I send them inline. However, my email client seems to wrap long lines and I have no idea how to disable that. That's why I also send them as attachments. =========================== ==== Patch for nekobee ==== =========================== diff -ru -x changelog nekobee-0.1.7.nomod/src/gui_callbacks.c nekobee-0.1.7/src/gui_callbacks.c --- nekobee-0.1.7.nomod/src/gui_callbacks.c 2009-01-18 02:08:29.000000000 +0100 +++ nekobee-0.1.7/src/gui_callbacks.c 2011-04-06 13:29:30.116370319 +0200 @@ -74,10 +74,10 @@ file_selection_last_filename); } else if (project_directory && strlen(project_directory)) { if (project_directory[strlen(project_directory) - 1] != '/') { - char buffer[PATH_MAX]; - snprintf(buffer, PATH_MAX, "%s/", project_directory); + gchar *buffer = g_strdup_printf ("%s/", project_directory); gtk_file_selection_set_filename(GTK_FILE_SELECTION(file_selection), buffer); + g_free (buffer); } else { gtk_file_selection_set_filename(GTK_FILE_SELECTION(file_selection), project_directory); ============================ ==== Patch for whysynth ==== ============================ diff -ru -x changelog whysynth-20090403.nomod/src/gui_main.c whysynth-20090403/src/gui_main.c --- whysynth-20090403.nomod/src/gui_main.c 2009-04-21 20:43:30.000000000 +0200 +++ whysynth-20090403/src/gui_main.c 2011-04-06 13:57:14.456368986 +0200 @@ -62,7 +62,7 @@ unsigned int patches_allocated = 0; int patches_dirty; y_patch_t *patches = NULL; -char patches_tmp_filename[PATH_MAX]; +gchar *patches_tmp_filename = NULL; char *project_directory = NULL; int last_configure_load_was_from_tmp; @@ -304,7 +304,9 @@ int i; char *dir = get_tmp_directory(); - snprintf(patches_tmp_filename, PATH_MAX, "%s/WhySynth_patches-%s", dir, path); + if (patches_tmp_filename != NULL) + g_free(patches_tmp_filename); + patches_tmp_filename = g_strdup_printf ("%s/WhySynth_patches-%s", dir, path); for (i = strlen(dir) + 1; i < strlen(patches_tmp_filename); i++) { if (patches_tmp_filename[i] == '/') patches_tmp_filename[i] = '_'; @@ -428,6 +430,7 @@ /* clean up patches */ if (patches) free(patches); + if (patches_tmp_filename) g_free(patches_tmp_filename); if (project_directory) free(project_directory); /* clean up OSC support */ ============================ ==== Patch for libsepol ==== ============================ diff -ru -x changelog libsepol-2.0.42.nomod/src/genusers.c libsepol-2.0.42/src/genusers.c --- libsepol-2.0.42.nomod/src/genusers.c 2010-12-20 21:13:33.000000000 +0100 +++ libsepol-2.0.42/src/genusers.c 2011-04-06 14:25:31.120368538 +0200 @@ -268,7 +268,7 @@ const char *usersdir, void **newdata, size_t * newlen) { struct policydb policydb; - char path[PATH_MAX]; + char *path; /* Construct policy database */ if (policydb_init(&policydb)) @@ -277,7 +277,7 @@ goto err; /* Load locally defined users. */ - snprintf(path, sizeof path, "%s/local.users", usersdir); + asprintf(&path, "%s/local.users", usersdir); if (load_users(&policydb, path) < 0) goto err_destroy; @@ -286,25 +286,29 @@ goto err_destroy; policydb_destroy(&policydb); + free(path); return 0; err_destroy: policydb_destroy(&policydb); err: + free(path); return -1; } int hidden sepol_genusers_policydb(policydb_t * policydb, const char *usersdir) { - char path[PATH_MAX]; + char *path; /* Load locally defined users. */ - snprintf(path, sizeof path, "%s/local.users", usersdir); + asprintf(&path, "%s/local.users", usersdir); if (load_users(policydb, path) < 0) { + free(path); ERR(NULL, "unable to load local.users: %s", strerror(errno)); return -1; } + free(path); if (policydb_reindex_users(policydb) < 0) { ERR(NULL, "unable to reindex users: %s", strerror(errno)); diff -ru -x changelog libsepol-2.0.42.nomod/tests/helpers.c libsepol-2.0.42/tests/helpers.c --- libsepol-2.0.42.nomod/tests/helpers.c 2010-12-20 21:13:33.000000000 +0100 +++ libsepol-2.0.42/tests/helpers.c 2011-04-06 16:02:17.232369842 +0200 @@ -34,20 +34,21 @@ int test_load_policy(policydb_t * p, int policy_type, int mls, const char *test_name, const char *policy_name) { - char filename[PATH_MAX]; + char *filename; if (mls) { - if (snprintf(filename, PATH_MAX, "policies/%s/%s.mls", test_name, policy_name) < 0) { + if (asprintf(&filename, "policies/%s/%s.mls", test_name, policy_name) < 0) { return -1; } } else { - if (snprintf(filename, PATH_MAX, "policies/%s/%s.std", test_name, policy_name) < 0) { + if (asprintf(&filename, "policies/%s/%s.std", test_name, policy_name) < 0) { return -1; } } if (policydb_init(p)) { fprintf(stderr, "Out of memory"); + free(filename); return -1; } @@ -57,9 +58,11 @@ if (read_source_policy(p, filename, test_name)) { fprintf(stderr, "failed to read policy %s\n", filename); policydb_destroy(p); + free(filename); return -1; } + free(filename); return 0; } diff -ru -x changelog libsepol-2.0.42.nomod/tests/test-expander.c libsepol-2.0.42/tests/test-expander.c --- libsepol-2.0.42.nomod/tests/test-expander.c 2010-12-20 21:13:33.000000000 +0100 +++ libsepol-2.0.42/tests/test-expander.c 2011-04-06 16:03:27.160369064 +0200 @@ -73,8 +73,7 @@ int i; for (i = 0; i < num_modules + 1; i++) { - filename[i] = calloc(PATH_MAX, sizeof(char)); - if (snprintf(filename[i], PATH_MAX, "policies/test-expander/%s%s", myfiles[i], mls ? ".mls" : ".std") < 0) + if (asprintf(&(filename[i]), "policies/test-expander/%s%s", myfiles[i], mls ? ".mls" : ".std") < 0) return -1; } /Patrik
diff -ru -x changelog libsepol-2.0.42.nomod/src/genusers.c libsepol-2.0.42/src/genusers.c --- libsepol-2.0.42.nomod/src/genusers.c 2010-12-20 21:13:33.000000000 +0100 +++ libsepol-2.0.42/src/genusers.c 2011-04-06 14:25:31.120368538 +0200 @@ -268,7 +268,7 @@ const char *usersdir, void **newdata, size_t * newlen) { struct policydb policydb; - char path[PATH_MAX]; + char *path; /* Construct policy database */ if (policydb_init(&policydb)) @@ -277,7 +277,7 @@ goto err; /* Load locally defined users. */ - snprintf(path, sizeof path, "%s/local.users", usersdir); + asprintf(&path, "%s/local.users", usersdir); if (load_users(&policydb, path) < 0) goto err_destroy; @@ -286,25 +286,29 @@ goto err_destroy; policydb_destroy(&policydb); + free(path); return 0; err_destroy: policydb_destroy(&policydb); err: + free(path); return -1; } int hidden sepol_genusers_policydb(policydb_t * policydb, const char *usersdir) { - char path[PATH_MAX]; + char *path; /* Load locally defined users. */ - snprintf(path, sizeof path, "%s/local.users", usersdir); + asprintf(&path, "%s/local.users", usersdir); if (load_users(policydb, path) < 0) { + free(path); ERR(NULL, "unable to load local.users: %s", strerror(errno)); return -1; } + free(path); if (policydb_reindex_users(policydb) < 0) { ERR(NULL, "unable to reindex users: %s", strerror(errno)); diff -ru -x changelog libsepol-2.0.42.nomod/tests/helpers.c libsepol-2.0.42/tests/helpers.c --- libsepol-2.0.42.nomod/tests/helpers.c 2010-12-20 21:13:33.000000000 +0100 +++ libsepol-2.0.42/tests/helpers.c 2011-04-06 16:02:17.232369842 +0200 @@ -34,20 +34,21 @@ int test_load_policy(policydb_t * p, int policy_type, int mls, const char *test_name, const char *policy_name) { - char filename[PATH_MAX]; + char *filename; if (mls) { - if (snprintf(filename, PATH_MAX, "policies/%s/%s.mls", test_name, policy_name) < 0) { + if (asprintf(&filename, "policies/%s/%s.mls", test_name, policy_name) < 0) { return -1; } } else { - if (snprintf(filename, PATH_MAX, "policies/%s/%s.std", test_name, policy_name) < 0) { + if (asprintf(&filename, "policies/%s/%s.std", test_name, policy_name) < 0) { return -1; } } if (policydb_init(p)) { fprintf(stderr, "Out of memory"); + free(filename); return -1; } @@ -57,9 +58,11 @@ if (read_source_policy(p, filename, test_name)) { fprintf(stderr, "failed to read policy %s\n", filename); policydb_destroy(p); + free(filename); return -1; } + free(filename); return 0; } diff -ru -x changelog libsepol-2.0.42.nomod/tests/test-expander.c libsepol-2.0.42/tests/test-expander.c --- libsepol-2.0.42.nomod/tests/test-expander.c 2010-12-20 21:13:33.000000000 +0100 +++ libsepol-2.0.42/tests/test-expander.c 2011-04-06 16:03:27.160369064 +0200 @@ -73,8 +73,7 @@ int i; for (i = 0; i < num_modules + 1; i++) { - filename[i] = calloc(PATH_MAX, sizeof(char)); - if (snprintf(filename[i], PATH_MAX, "policies/test-expander/%s%s", myfiles[i], mls ? ".mls" : ".std") < 0) + if (asprintf(&(filename[i]), "policies/test-expander/%s%s", myfiles[i], mls ? ".mls" : ".std") < 0) return -1; }
diff -ru -x changelog nekobee-0.1.7.nomod/src/gui_callbacks.c nekobee-0.1.7/src/gui_callbacks.c --- nekobee-0.1.7.nomod/src/gui_callbacks.c 2009-01-18 02:08:29.000000000 +0100 +++ nekobee-0.1.7/src/gui_callbacks.c 2011-04-06 13:29:30.116370319 +0200 @@ -74,10 +74,10 @@ file_selection_last_filename); } else if (project_directory && strlen(project_directory)) { if (project_directory[strlen(project_directory) - 1] != '/') { - char buffer[PATH_MAX]; - snprintf(buffer, PATH_MAX, "%s/", project_directory); + gchar *buffer = g_strdup_printf ("%s/", project_directory); gtk_file_selection_set_filename(GTK_FILE_SELECTION(file_selection), buffer); + g_free (buffer); } else { gtk_file_selection_set_filename(GTK_FILE_SELECTION(file_selection), project_directory);
diff -ru -x changelog whysynth-20090403.nomod/src/gui_main.c whysynth-20090403/src/gui_main.c --- whysynth-20090403.nomod/src/gui_main.c 2009-04-21 20:43:30.000000000 +0200 +++ whysynth-20090403/src/gui_main.c 2011-04-06 13:57:14.456368986 +0200 @@ -62,7 +62,7 @@ unsigned int patches_allocated = 0; int patches_dirty; y_patch_t *patches = NULL; -char patches_tmp_filename[PATH_MAX]; +gchar *patches_tmp_filename = NULL; char *project_directory = NULL; int last_configure_load_was_from_tmp; @@ -304,7 +304,9 @@ int i; char *dir = get_tmp_directory(); - snprintf(patches_tmp_filename, PATH_MAX, "%s/WhySynth_patches-%s", dir, path); + if (patches_tmp_filename != NULL) + g_free(patches_tmp_filename); + patches_tmp_filename = g_strdup_printf ("%s/WhySynth_patches-%s", dir, path); for (i = strlen(dir) + 1; i < strlen(patches_tmp_filename); i++) { if (patches_tmp_filename[i] == '/') patches_tmp_filename[i] = '_'; @@ -428,6 +430,7 @@ /* clean up patches */ if (patches) free(patches); + if (patches_tmp_filename) g_free(patches_tmp_filename); if (project_directory) free(project_directory); /* clean up OSC support */
signature.asc
Description: OpenPGP digital signature