So I was sufficiently bored during breakfast and decided to run afl against patch...
basename(3) can fail thusly: ERRORS The following error codes may be set in errno: [ENAMETOOLONG] The path component to be returned was larger than PATH_MAX. and then strlen(3) segfaults. OK? (this is on top of tb's fix on bugs but should be independent and not cause conflicts.) diff --git pch.c pch.c index 4ae5f363393..63543a609fb 100644 --- pch.c +++ pch.c @@ -1422,7 +1422,7 @@ compare_names(const struct file_name *names, bool assume_exists) { size_t min_components, min_baselen, min_len, tmp; char *best = NULL; - char *path; + char *path, *bn; int i; /* @@ -1443,7 +1443,10 @@ compare_names(const struct file_name *names, bool assume_exists) min_components = tmp; best = path; } - if ((tmp = strlen(basename(path))) > min_baselen) + bn = basename(path); + if (bn == NULL) + continue; + if ((tmp = strlen(bn)) > min_baselen) continue; if (tmp < min_baselen) { min_baselen = tmp; -- In my defence, I have been left unsupervised.
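Review bot: in the second hunk, the new `if (bn == NULL) continue;` comes after the context lines `min_components = tmp; best = path;`, so a name whose basename(3) call failed can already have been recorded as `best` before it is skipped, and may still be the one returned. If a name with an over-long component is meant to be disqualified, move the `bn = basename(path)` call and its NULL check ahead of the `min_components` comparison. If it is meant to stay eligible on component count alone, a one-line comment above the check saying so (and that NULL here means ENAMETOOLONG) would make the intent clear.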