Use asprintf with %.*s to construct the path based on the mft file
location and the filename of the referenced file.
Since the * field in printf(3) is expecting an int type, typecast the
ptrdiff_t to an int. Add an assert check to make sure there is no
overflow. Also do the same overflow check in mft.c where the same idiom is
used.
Maybe some PATH_MAX checks should be placed in the mft parser.
--
:wq Claudio
Index: main.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
retrieving revision 1.85
diff -u -p -r1.85 main.c
--- main.c 2 Dec 2020 15:31:15 -0000 1.85
+++ main.c 3 Dec 2020 12:25:24 -0000
@@ -451,23 +451,16 @@ static void
queue_add_from_mft(int fd, struct entityq *q, const char *mft,
const struct mftfile *file, enum rtype type, size_t *eid)
{
- size_t sz;
char *cp, *nfile;
/* Construct local path from filename. */
-
- sz = strlen(file->file) + strlen(mft);
- if ((nfile = calloc(sz + 1, 1)) == NULL)
- err(1, "calloc");
-
/* We know this is host/module/... */
- strlcpy(nfile, mft, sz + 1);
- cp = strrchr(nfile, '/');
+ cp = strrchr(mft, '/');
assert(cp != NULL);
- cp++;
- *cp = '\0';
- strlcat(nfile, file->file, sz + 1);
+ assert(cp - mft < INT_MAX);
+ if (asprintf(&nfile, "%.*s/%s", (int)(cp - mft), mft, file->file) == -1)
+ err(1, "asprintf");
/*
* Since we're from the same directory as the MFT file, we know
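Review bot: The added `assert(cp - mft < INT_MAX);` is the only guard in front of the `(int)(cp - mft)` cast in the asprintf() call, and assert() disappears when the program is built with NDEBUG, so such a build would silently pass a truncated precision. A check that always runs would be safer, for example `if (cp - mft >= INT_MAX) errx(1, "%s: path too long", mft);`. The same applies to `assert(cp - fn < INT_MAX);` added in mft_validfilehash in mft.c. This diff adds `#include <limits.h>` to mft.c only, so it is worth confirming that main.c already includes it for INT_MAX. The body of queue_add_from_mft continues past the end of the hunk.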
Index: mft.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v
retrieving revision 1.19
diff -u -p -r1.19 mft.c
--- mft.c 6 Nov 2020 04:22:18 -0000 1.19
+++ mft.c 3 Dec 2020 12:37:15 -0000
@@ -17,6 +17,7 @@
#include <assert.h>
#include <err.h>
+#include <limits.h>
#include <stdarg.h>
#include <stdint.h>
#include <fcntl.h>
@@ -457,6 +458,7 @@ mft_validfilehash(const char *fn, const
/* Check hash of file now, but first build path for it */
cp = strrchr(fn, '/');
assert(cp != NULL);
+ assert(cp - fn < INT_MAX);
if (asprintf(&path, "%.*s/%s", (int)(cp - fn), fn, m->file) == -1)
err(1, "asprintf");
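Review bot: `m->file` is interpolated into `path` with nothing in this hunk showing that it is a plain file name. It appears to come from the parsed manifest, so unless the mft parser already rejects names containing `/` or a `..` component, the resulting path could point outside the manifest's directory. The same holds for `file->file` in queue_add_from_mft in main.c. Validating the name in the mft parser, next to the PATH_MAX limit the commit message suggests, would cover both call sites. Once that holds, a comment above the asprintf() call such as `/* m->file was checked by the mft parser: no '/' and bounded length */` would record the assumption. mft_validfilehash starts before the hunk and continues after it.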