Fix crash on MacOS/amd64 due to undefined behaviour of strlcpy.

strlcpy has undefined behaviour in case the copied string regions overlap. On platforms with a vector optimized memcpy implementation, overlapping regions may crash the process e.g. with Child process pid=0 terminated abnormally: Illegal instruction: 4 At this call-site the strlcpy parameters almost certainly overlap. Refactor the code to do the intended functionality in-place.
freebsd · Nov 12, 2024 · a4a647b · a4a647b
1 parent 866ffc6
commit a4a647b
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/libpkg/pkg_add.c b/libpkg/pkg_add.c
@@ -1139,7 +1139,7 @@ pkg_add_check_pkg_archive(struct pkgdb *db, struct pkg *pkg,
 	const char	*arch;
 	int	ret, retcode;
 	struct pkg_dep	*dep = NULL;
-	char	bd[MAXPATHLEN], *basedir = NULL;
+	char	bd[MAXPATHLEN];
 	char	dpath[MAXPATHLEN], *ppath;
 	const char	*ext = NULL;
 	struct pkg	*pkg_inst = NULL;
@@ -1187,8 +1187,14 @@ pkg_add_check_pkg_archive(struct pkgdb *db, struct pkg *pkg,
 	fromstdin = STREQ(path, "-");
 	strlcpy(bd, path, sizeof(bd));
 	if (!fromstdin) {
-		basedir = get_dirname(bd);
-		strlcpy(bd, basedir, sizeof(bd));
+		/* In-place truncate bd to the directory components. */
+		char *basedir = strrchr(bd, '/');
+		if (NULL == basedir) {
+			bd[0]='.';
+			bd[1]='\0';
+		} else {
+			*basedir = '\0';
+		}
 		if ((ext = strrchr(path, '.')) == NULL) {
 			pkg_emit_error("%s has no extension", path);
 			return (EPKG_FATAL);