Check strlc{py,at} return value and return NULL upon truncation instead

of silently truncating. OK deraadt@ otto@
author: millert <> 2004-11-30 15:12:59 +0000
committer: millert <> 2004-11-30 15:12:59 +0000
commit: 0763d6b5127f254e776c4d39ecbeca9d455f1399 (patch)
tree: e52822776050d5a70590bbc46904aa8b7ae3a65e
parent: 21edc335077ec883a751979cb9a75e07da6677a0 (diff)
download: openbsd-0763d6b5127f254e776c4d39ecbeca9d455f1399.tar.gz
openbsd-0763d6b5127f254e776c4d39ecbeca9d455f1399.tar.bz2
openbsd-0763d6b5127f254e776c4d39ecbeca9d455f1399.zip
1 files changed, 23 insertions, 10 deletions
diff --git a/src/lib/libc/stdlib/realpath.c b/src/lib/libc/stdlib/realpath.c
index 1525d0372f..37b4ad6159 100644
--- a/src/lib/libc/stdlib/realpath.c
+++ b/src/lib/libc/stdlib/realpath.c
@@ -31,7 +31,7 @@
 */
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: realpath.c,v 1.10 2003/08/01 21:04:59 millert Exp $";
+static char *rcsid = "$OpenBSD: realpath.c,v 1.11 2004/11/30 15:12:59 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 #include <sys/param.h>
@@ -62,7 +62,8 @@ realpath(path, resolved)
        /* Save the starting point. */
        if ((fd = open(".", O_RDONLY)) < 0) {
-                (void)strlcpy(resolved, ".", MAXPATHLEN);
+                resolved[0] = '.';
+                resolved[1] = '\0';
                return (NULL);
        }
@@ -78,7 +79,10 @@ realpath(path, resolved)
         *     if it is a directory, then change to that directory.
         * get the current directory name and append the basename.
         */
-        strlcpy(resolved, path, MAXPATHLEN);
+        if (strlcpy(resolved, path, MAXPATHLEN) >= MAXPATHLEN) {
+                serrno = ENAMETOOLONG;
+                goto err2;
+        }
 loop:
        q = strrchr(resolved, '/');
        if (q != NULL) {
@@ -104,8 +108,7 @@ loop:
                                errno = ELOOP;
                                goto err1;
                        }
-                        n = readlink(p, resolved, MAXPATHLEN-1);
+                        if ((n = readlink(p, resolved, MAXPATHLEN-1)) < 0)
-                        if (n < 0)
                                goto err1;
                        resolved[n] = '\0';
                        goto loop;
@@ -121,8 +124,11 @@ loop:
         * Save the last component name and get the full pathname of
         * the current directory.
         */
-        (void)strlcpy(wbuf, p, sizeof wbuf);
+        if (strlcpy(wbuf, p, sizeof(wbuf)) >= sizeof(wbuf)) {
-        if (getcwd(resolved, MAXPATHLEN) == 0)
+                errno = ENAMETOOLONG;
+                goto err1;
+        }
+        if (getcwd(resolved, MAXPATHLEN) == NULL)
                goto err1;
        /*
@@ -139,9 +145,16 @@ loop:
                        errno = ENAMETOOLONG;
                        goto err1;
                }
-                if (needslash)
+                if (needslash) {
-                        strlcat(resolved, "/", MAXPATHLEN);
+                        if (strlcat(resolved, "/", MAXPATHLEN) >= MAXPATHLEN) {
-                strlcat(resolved, wbuf, MAXPATHLEN);
+                                errno = ENAMETOOLONG;
+                                goto err1;
+                        }
+                }
+                if (strlcat(resolved, wbuf, MAXPATHLEN) >= MAXPATHLEN) {
+                        errno = ENAMETOOLONG;
+                        goto err1;
+                }
        }
        /* Go back to where we came from. */
author	millert <>	2004-11-30 15:12:59 +0000
committer	millert <>	2004-11-30 15:12:59 +0000
commit	0763d6b5127f254e776c4d39ecbeca9d455f1399 (patch)
tree	e52822776050d5a70590bbc46904aa8b7ae3a65e
parent	21edc335077ec883a751979cb9a75e07da6677a0 (diff)
download	openbsd-0763d6b5127f254e776c4d39ecbeca9d455f1399.tar.gz openbsd-0763d6b5127f254e776c4d39ecbeca9d455f1399.tar.bz2 openbsd-0763d6b5127f254e776c4d39ecbeca9d455f1399.zip