On Wed, Jul 12, 2023 at 12:53:10PM +0200, Florian Obser wrote:
> So I was sufficiently bored during breakfast and decided to run afl
> against patch...
>
> basename(3) can fail thusly:
> ERRORS
>      The following error codes may be set in errno:
>
>      [ENAMETOOLONG]  The path component to be returned was larger than
>                      PATH_MAX.
>
> and then strlen(3) segfaults.
>
> OK?

ok

> (this is on top of tb's fix on bugs but should be independent and not
> cause conflicts.)

Go ahead. If it conflicts it's easy to redo anyway.

>
> diff --git pch.c pch.c > index 4ae5f363393..63543a609fb 100644 > --- pch.c > +++ pch.c > @@ -1422,7 +1422,7 @@ compare_names(const struct file_name *names, bool > assume_exists) > { > size_t min_components, min_baselen, min_len, tmp; > char *best = NULL; > - char *path; > + char *path, *bn; > int i; > > /* > @@ -1443,7 +1443,10 @@ compare_names(const struct file_name *names, bool > assume_exists) > min_components = tmp; > best = path; > } > - if ((tmp = strlen(basename(path))) > min_baselen) > + bn = basename(path); > + if (bn == NULL) > + continue; > + if ((tmp = strlen(bn)) > min_baselen) > continue; > if (tmp < min_baselen) { > min_baselen = tmp;
>
> -- 
> In my defence, I have been left unsupervised.
>
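
Review bot: in the second hunk of compare_names(), the new `if (bn == NULL) continue;` sits after the context lines `min_components = tmp; best = path;`, so a name whose basename(3) call fails appears to remain eligible as `best` through the component-count comparison even though it is skipped for the base-name comparison that follows. If a name with an over-long final component should never be selected, make the basename() call and the NULL check the first thing done with `path` in the loop body, before the `min_components` block; if the current order is intended, a short comment above `if (bn == NULL)` noting that basename(3) returns NULL with ENAMETOOLONG would explain why the `continue` is there.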