On 2023/10/25 13:38:37 +0200, Alexander Bluhm <alexander.bl...@gmx.net> wrote:
> Index: patch.c
> ===================================================================
> RCS file: /data/mirror/openbsd/cvs/src/usr.bin/patch/patch.c,v
> diff -u -p -r1.74 patch.c
> --- patch.c 19 Jul 2023 13:26:20 -0000 1.74
> +++ patch.c 24 Oct 2023 17:13:28 -0000
> @@ -32,6 +32,7 @@
>
> #include <ctype.h>
> #include <getopt.h>
> +#include <libgen.h>
> #include <limits.h>
> #include <paths.h>
> #include <stdio.h>
> @@ -213,11 +214,27 @@ main(int argc, char *argv[])
> perror("unveil");
> my_exit(2);
> }
> - if (filearg[0] != NULL)
> + if (filearg[0] != NULL) {
> + char *origdir;
> +
> if (unveil(filearg[0], "rwc") == -1) {
> perror("unveil");
> my_exit(2);
> }
> + if ((origdir = dirname(filearg[0])) == NULL) {
Not sure if we're interested in it, but dirname(3) theoretically alter
the passed string. our dirname doesn't do it, but per posix it can,
IIUC. This could cause issues since filearg[0] is used later.
If we care about portability here, we should pass a copy to dirname.
don't know if we care thought.
> + perror("dirname");
> + my_exit(2);
> + }
> + if (unveil(origdir, "rwc") == -1) {
> + perror("unveil");
> + my_exit(2);
> + }
> + } else {
> + if (unveil(".", "rwc") == -1) {
> + perror("unveil");
> + my_exit(2);
> + }
> + }
> if (filearg[1] != NULL)
> if (unveil(filearg[1], "r") == -1) {
> perror("unveil");
