basename in mg

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

basename in mg

Kjell-5
I think this is the only usage of basename in mg that is
unsafe with the stupid POSIX behavior of modifying the string
directly. All other occurences are in error paths, using local-only
buffers.

and KNF, while I'm in there...

Index: file.c
===================================================================
RCS file: /usr/local/ocvs/src/usr.bin/mg/file.c,v
retrieving revision 1.43
diff -u -r1.43 file.c
--- file.c 14 Oct 2005 19:46:46 -0000 1.43
+++ file.c 12 Nov 2005 18:14:47 -0000
@@ -177,19 +177,25 @@
  * empty buffer to put it in.
  */
 BUFFER *
-findbuffer(char *fname)
+findbuffer(char *fn)
 {
  BUFFER *bp;
- char bname[NBUFN];
+ char bname[NBUFN], fname[NBUFN];
  unsigned int count, remain, i;
 
+ /* XXX POSIX basename may modify its argument */
+ if (strlcpy(fname, fn, sizeof(fname)) >= sizeof(fname)) {
+ ewprintf("filename too long");
+ return (NULL);
+ }
+
  for (bp = bheadp; bp != NULL; bp = bp->b_bufp) {
  if (strcmp(bp->b_fname, fname) == 0)
  return (bp);
  }
  i = strlcpy(bname, basename(fname), sizeof(bname));
  if (i >= sizeof(bname))
- return NULL;
+ return (NULL);
  remain = sizeof(bname) - i;
  for (count = 2; bfind(bname, FALSE) != NULL; count++)
  snprintf(&bname[i], remain, "<%d>", count);