src/libadacl.c: use asprintf() instead of snprintf() for paths.

[apply-default-acl.git] / src / libadacl.c

diff --git a/src/libadacl.c b/src/libadacl.c
index ce125db12dc77397574a98e11c683e12d7ed5911..62ab3cc0047dcb2e92dcf3d9b21d86b21fe518b8 100644 (file)
--- a/src/libadacl.c
+++ b/src/libadacl.c
@@ -5,16 +5,17 @@
  *
  */
 
-/* Enables get_current_dir_name() in unistd.h and the O_PATH flag. */
+/* Enables get_current_dir_name() in unistd.h, the O_PATH flag, and
+ * the asprintf() function.
+*/
 #define _GNU_SOURCE
 
 #include <dirent.h>     /* readdir(), etc. */
 #include <errno.h>      /* EINVAL, ELOOP, ENOTDIR, etc. */
 #include <fcntl.h>      /* openat() */
 #include <libgen.h>     /* basename(), dirname() */
-#include <limits.h>     /* PATH_MAX */
 #include <stdbool.h>    /* the "bool" type */
-#include <stdio.h>      /* perror(), snprintf() */
+#include <stdio.h>      /* perror(), asprintf() */
 #include <stdlib.h>     /* free() */
 #include <string.h>     /* strdup() */
 #include <sys/stat.h>   /* fstat() */
@@ -36,7 +37,7 @@
  */
 #define CLOSE_ERROR -1
 #define OPEN_ERROR -1
-#define SNPRINTF_ERROR -1
+#define ASPRINTF_ERROR -1
 #define STAT_ERROR -1
 #define XATTR_ERROR -1
 
@@ -134,11 +135,11 @@ int safe_open(const char* pathname, int flags) {
     return OPEN_ERROR;
   }
 
-  char abspath[PATH_MAX];
-  int snprintf_result = 0;
+  char* abspath = NULL;
+  int asprintf_result = 0;
   if (strchr(pathname, '/') == pathname) {
     /* pathname is already absolute; just copy it. */
-    snprintf_result = snprintf(abspath, PATH_MAX, "%s", pathname);
+    asprintf_result = asprintf(&abspath, "%s", pathname);
   }
   else {
     /* Concatenate the current working directory and pathname into an
@@ -163,14 +164,17 @@ int safe_open(const char* pathname, int flags) {
       free(cwd);
       return OPEN_ERROR;
     }
-    snprintf_result = snprintf(abspath, PATH_MAX, "%s/%s", abs_cwd, pathname);
+    asprintf_result = asprintf(&abspath, "%s/%s", abs_cwd, pathname);
     free(cwd);
   }
-  if (snprintf_result == SNPRINTF_ERROR || snprintf_result > PATH_MAX) {
-    perror("safe_open (snprintf)");
+  if (asprintf_result == ASPRINTF_ERROR) {
+    perror("safe_open (asprintf)");
     return OPEN_ERROR;
   }
 
+  /* Beyond here, asprintf() worked, and we need to free abspath. */
+  int result = OPEN_ERROR;
+
   bool abspath_is_root = (strcmp(abspath, "/") == 0);
   int rootflags = flags | O_DIRECTORY;
   if (!abspath_is_root) {
@@ -180,18 +184,24 @@ int safe_open(const char* pathname, int flags) {
   int rootfd = open("/", rootflags);
   if (rootfd == OPEN_ERROR) {
     perror("safe_open (open)");
-    return OPEN_ERROR;
+    result = OPEN_ERROR;
+    goto cleanup;
   }
 
   if (abspath_is_root) {
-    return rootfd;
+    result = rootfd;
+    goto cleanup;
   }
 
-  int result = safe_open_ex(rootfd, abspath+1, flags);
+  result = safe_open_ex(rootfd, abspath+1, flags);
   if (close(rootfd) == CLOSE_ERROR) {
     perror("safe_open (close)");
-    return OPEN_ERROR;
+    result = OPEN_ERROR;
+    goto cleanup;
   }
+
+ cleanup:
+  free(abspath);
   return result;
 }