--- /dev/null
+diff -ur pax-20090728/file_subs.c pax-20090728.modified/file_subs.c
+--- pax-20090728/file_subs.c 2009-07-28 17:38:28.000000000 +0000
++++ pax-20090728.modified/file_subs.c 2011-10-15 12:56:46.000000000 +0000
+@@ -351,7 +351,7 @@
+ int pass = 0;
+ mode_t file_mode;
+ struct stat sb;
+- char target[MAXPATHLEN];
++ char *target = NULL;
+ char *nm = arcn->name;
+ int len;
+
+@@ -374,8 +374,15 @@
+ if (strcmp(NM_TAR, argv0) == 0 && Lflag) {
+ while (lstat(nm, &sb) == 0 &&
+ S_ISLNK(sb.st_mode)) {
++ target = malloc(sb.st_size + 1);
++ if (target == NULL) {
++ oerrno = ENOMEM;
++ syswarn(1, oerrno,
++ "Insufficient memory");
++ return(-1);
++ }
+ len = readlink(nm, target,
+- sizeof target - 1);
++ sb.st_size);
+ if (len == -1) {
+ syswarn(0, errno,
+ "cannot follow symlink %s in chain for %s",
+@@ -411,6 +418,7 @@
+ paxwarn(0,
+ "%s skipped. Sockets cannot be copied or extracted",
+ nm);
++ free(target);
+ return(-1);
+ case PAX_SLK:
+ res = symlink(arcn->ln_name, nm);
+@@ -425,6 +433,7 @@
+ */
+ paxwarn(0, "%s has an unknown file type, skipping",
+ nm);
++ free(target);
+ return(-1);
+ }
+
+@@ -440,14 +449,17 @@
+ * we failed to make the node
+ */
+ oerrno = errno;
+- if ((ign = unlnk_exist(nm, arcn->type)) < 0)
++ if ((ign = unlnk_exist(nm, arcn->type)) < 0) {
++ free(target);
+ return(-1);
++ }
+
+ if (++pass <= 1)
+ continue;
+
+ if (nodirs || chk_path(nm,arcn->sb.st_uid,arcn->sb.st_gid) < 0) {
+ syswarn(1, oerrno, "Could not create: %s", nm);
++ free(target);
+ return(-1);
+ }
+ }
+@@ -465,8 +477,10 @@
+ /*
+ * symlinks are done now.
+ */
+- if (arcn->type == PAX_SLK)
++ if (arcn->type == PAX_SLK) {
++ free(target);
+ return(0);
++ }
+
+ /*
+ * IMPORTANT SECURITY NOTE:
+@@ -517,6 +531,7 @@
+
+ if (patime || pmtime)
+ set_ftime(nm, arcn->sb.st_mtime, arcn->sb.st_atime, 0);
++ free(target);
+ return(0);
+ }
+
+diff -ur pax-20090728/tables.c pax-20090728.modified/tables.c
+--- pax-20090728/tables.c 2009-07-28 17:38:28.000000000 +0000
++++ pax-20090728.modified/tables.c 2011-10-15 13:39:29.000000000 +0000
+@@ -55,6 +55,7 @@
+ #include "pax.h"
+ #include "tables.h"
+ #include "extern.h"
++#include "features.h"
+
+ /*
+ * Routines for controlling the contents of all the different databases pax
+@@ -1126,13 +1127,21 @@
+ add_dir(char *name, struct stat *psb, int frc_mode)
+ {
+ DIRDATA *dblk;
++#if (_POSIX_C_SOURCE - 0) >= 200809L
++ char *rp = NULL;
++#else
+ char realname[MAXPATHLEN], *rp;
++#endif
+
+ if (dirp == NULL)
+ return;
+
+ if (havechd && *name != '/') {
++#if (_POSIX_C_SOURCE - 0) >= 200809L
++ if ((rp = realpath(name, NULL)) == NULL) {
++#else
+ if ((rp = realpath(name, realname)) == NULL) {
++#endif
+ paxwarn(1, "Cannot canonicalize %s", name);
+ return;
+ }
+@@ -1143,6 +1152,9 @@
+ if (dblk == NULL) {
+ paxwarn(1, "Unable to store mode and times for created"
+ " directory: %s", name);
++#if (_POSIX_C_SOURCE - 0) >= 200809L
++ free(rp);
++#endif
+ return;
+ }
+ dirp = dblk;
+@@ -1152,6 +1164,9 @@
+ if ((dblk->name = strdup(name)) == NULL) {
+ paxwarn(1, "Unable to store mode and times for created"
+ " directory: %s", name);
++#if (_POSIX_C_SOURCE - 0) >= 200809L
++ free(rp);
++#endif
+ return;
+ }
+ dblk->mode = psb->st_mode & 0xffff;
+@@ -1159,6 +1174,9 @@
+ dblk->atime = psb->st_atime;
+ dblk->frc_mode = frc_mode;
+ ++dircnt;
++#if (_POSIX_C_SOURCE - 0) >= 200809L
++ free(rp);
++#endif
+ }
+
+ /*