lib/path: add error handling to path_vcreate()

Do not operate on truncated/random paths. Note, path_strdup() can now really return NULL, to be handled in next commit. Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
2017-06-27 20:33:08 +02:00 · 2017-06-27 20:33:08 +02:00 · f567220b71
parent e230ae7b68
commit f567220b71
1 changed files with 25 additions and 9 deletions
--- a/lib/path.c
+++ b/lib/path.c
@ -38,11 +38,15 @@ static char pathbuf[PATH_MAX];
 static const char *
 path_vcreate(const char *path, va_list ap)
 {
-	if (prefixlen)
-		vsnprintf(pathbuf + prefixlen,
-			  sizeof(pathbuf) - prefixlen, path, ap);
-	else
-		vsnprintf(pathbuf, sizeof(pathbuf), path, ap);
+	int rc = vsnprintf(
+		pathbuf + prefixlen, sizeof(pathbuf) - prefixlen, path, ap);
+
+	if (rc < 0)
+		return NULL;
+	if ((size_t)rc >= sizeof(pathbuf)) {
+		errno = ENAMETOOLONG;
+		return NULL;
+	}
 	return pathbuf;
 }

@ -64,11 +68,18 @@ path_vfopen(const char *mode, int exit_on_error, const char *path, va_list ap)
 {
 	FILE *f;
 	const char *p = path_vcreate(path, ap);
+	if (!p)
+		goto err;

 	f = fopen(p, mode);
-	if (!f && exit_on_error)
-		err(EXIT_FAILURE, _("cannot open %s"), p);
+	if (!f)
+		goto err;
+
 	return f;
+err:
+	if (exit_on_error)
+		err(EXIT_FAILURE, _("cannot open %s"), p ? p : "path");
+	return NULL;
 }

 static int
@ -76,11 +87,16 @@ path_vopen(int flags, const char *path, va_list ap)
 {
 	int fd;
 	const char *p = path_vcreate(path, ap);
+	if (!p)
+		goto err;

 	fd = open(p, flags);
 	if (fd == -1)
-		err(EXIT_FAILURE, _("cannot open %s"), p);
+		goto err;
+
 	return fd;
+err:
+	err(EXIT_FAILURE, _("cannot open %s"), p ? p : "path");
 }

 FILE *
@ -181,7 +197,7 @@ path_exist(const char *path, ...)
 	p = path_vcreate(path, ap);
 	va_end(ap);

-	return access(p, F_OK) == 0;
+	return p && access(p, F_OK) == 0;
 }

 #ifdef HAVE_CPU_SET_T