Using realpath() directly with a non-NULL output buffer is unsafe because its behavior is unspecified on systems which don't have PATH_MAX (ie. Hurd)
I beleive this also fixes a small bug whereby 'buf' would not be freed on 'readlink -v' with ENABLE_FEATURE_CLEANUP. Signed-off-by: Jeremie Koenig <[email protected]> Signed-off-by: Denys Vlasenko <[email protected]> --- coreutils/readlink.c | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diff --git a/coreutils/readlink.c b/coreutils/readlink.c index 20df38b..2ed5e2c 100644 --- a/coreutils/readlink.c +++ b/coreutils/readlink.c @@ -36,7 +36,6 @@ int readlink_main(int argc UNUSED_PARAM, char **argv) { char *buf; char *fname; - char pathbuf[PATH_MAX]; IF_FEATURE_READLINK_FOLLOW( unsigned opt; @@ -56,7 +55,7 @@ int readlink_main(int argc UNUSED_PARAM, char **argv) logmode = LOGMODE_NONE; if (opt & 1) { /* -f */ - buf = realpath(fname, pathbuf); + buf = xmalloc_realpath(fname); } else { buf = xmalloc_readlink_or_warn(fname); } @@ -65,7 +64,7 @@ int readlink_main(int argc UNUSED_PARAM, char **argv) return EXIT_FAILURE; printf((opt & 2) ? "%s" : "%s\n", buf); - if (ENABLE_FEATURE_CLEAN_UP && !opt) + if (ENABLE_FEATURE_CLEAN_UP) free(buf); fflush_stdout_and_exit(EXIT_SUCCESS); -- 1.7.1 _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
