@@ -311,9 +311,8 @@ ftw_cb(const char *fpath, const struct stat *sb, const struct dirent *dir UNUSED
311311 struct xentry * xe = NULL ;
312312 xbps_dictionary_t fileinfo = NULL ;
313313 const char * filep = NULL ;
314- char * buf , * p , * p2 , * dname ;
314+ char * p , * p2 , * dname ;
315315 char sha256 [XBPS_SHA256_SIZE ];
316- ssize_t r ;
317316
318317 /* Ignore metadata files generated by xbps-src and destdir */
319318 if ((strcmp (fpath , "." ) == 0 ) ||
@@ -353,6 +352,9 @@ ftw_cb(const char *fpath, const struct stat *sb, const struct dirent *dir UNUSED
353352 }
354353
355354 if (S_ISLNK (sb -> st_mode )) {
355+ char buf [PATH_MAX ];
356+ ssize_t len ;
357+
356358 /*
357359 * Symlinks.
358360 *
@@ -362,13 +364,12 @@ ftw_cb(const char *fpath, const struct stat *sb, const struct dirent *dir UNUSED
362364 xe -> type = strdup ("links" );
363365 assert (xe -> type );
364366 xbps_dictionary_set_cstring_nocopy (fileinfo , "type" , "links" );
365- buf = malloc (sb -> st_size + 1 );
366- assert (buf );
367- r = readlink (fpath , buf , sb -> st_size + 1 );
368- if (r < 0 || r > sb -> st_size )
369- die ("failed to process symlink %s:" , fpath );
370367
371- buf [sb -> st_size ] = '\0' ;
368+ len = readlink (fpath , buf , sizeof (buf ));
369+ if (len < 0 || len >= (int )sizeof (buf ))
370+ die ("readlink: %s:" , fpath );
371+ buf [len ] = '\0' ;
372+
372373 /*
373374 * Check if symlink is absolute or relative; on the former
374375 * make it absolute for the target object.
@@ -422,7 +423,6 @@ ftw_cb(const char *fpath, const struct stat *sb, const struct dirent *dir UNUSED
422423 }
423424 assert (xe -> target );
424425 assert (xbps_dictionary_get (fileinfo , "target" ));
425- free (buf );
426426 } else if (S_ISREG (sb -> st_mode )) {
427427 struct xentry * xep ;
428428 bool hlink = false;
@@ -671,17 +671,17 @@ process_entry_file(struct archive *ar,
671671{
672672 struct archive_entry * entry , * sparse_entry ;
673673 struct stat st ;
674- char * buf = NULL , * p ;
675- ssize_t len ;
674+ char path [PATH_MAX ];
676675
677676 assert (ar );
678677 assert (xe );
679678
680679 if (filematch && strcmp (xe -> file , filematch ))
681680 return ;
682681
683- p = xbps_xasprintf ("%s/%s" , destdir , xe -> file );
684- if (lstat (p , & st ) == -1 )
682+ if (xbps_path_join (path , sizeof (path ), destdir , xe -> file , (char * )NULL ) == -1 )
683+ die ("path too long %s:" , xe -> file );
684+ if (lstat (path , & st ) == -1 )
685685 die ("failed to add entry (fstat) %s to archive:" , xe -> file );
686686
687687 entry = archive_entry_new ();
@@ -695,33 +695,30 @@ process_entry_file(struct archive *ar,
695695 st .st_gid = 0 ;
696696
697697 archive_entry_copy_stat (entry , & st );
698- archive_entry_copy_sourcepath (entry , p );
698+ archive_entry_copy_sourcepath (entry , path );
699699 if (st .st_uid == geteuid ())
700700 archive_entry_set_uname (entry , "root" );
701701 if (st .st_gid == getegid ())
702702 archive_entry_set_gname (entry , "root" );
703703
704704 if (S_ISLNK (st .st_mode )) {
705- buf = malloc (st .st_size + 1 );
706- if (buf == NULL )
707- die ("failed to allocate readlink buffer" , xe -> file );
708- len = readlink (p , buf , st .st_size + 1 );
709- if (len < 0 || len > st .st_size )
710- die ("failed to add entry %s (readlink) to archive:" ,
711- xe -> file );
705+ char buf [PATH_MAX ];
706+ ssize_t len ;
707+
708+ len = readlink (path , buf , sizeof (buf ));
709+ if (len < 0 || len >= (int )sizeof (buf ))
710+ die ("readlink: %s:" , xe -> file );
712711 buf [len ] = '\0' ;
712+
713713 archive_entry_set_symlink (entry , buf );
714714 }
715- free (p );
716715
717716 archive_entry_linkify (resolver , & entry , & sparse_entry );
718717
719718 if (entry != NULL )
720719 write_entry (ar , entry );
721720 if (sparse_entry != NULL )
722721 write_entry (ar , sparse_entry );
723- if (buf )
724- free (buf );
725722}
726723
727724static void
0 commit comments