X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=lib%2Fopenat-priv.h;h=5d53df1201899f0d458dbecf72f452f603f4a932;hb=80de5593c97eff61f31584362041b5b2432fbe48;hp=e0818731f4506c98d25f6bd153d733fe7adc4e27;hpb=a2016c1de6e4884f6c8ed5cc498f3bf821c25ca4;p=debian%2Fgzip
diff --git a/lib/openat-priv.h b/lib/openat-priv.h
index e081873..5d53df1 100644
--- a/lib/openat-priv.h
+++ b/lib/openat-priv.h
@@ -1,6 +1,6 @@
/* Internals for openat-like functions.
- Copyright (C) 2005-2006, 2009-2010 Free Software Foundation, Inc.
+ Copyright (C) 2005-2006, 2009-2018 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -13,7 +13,7 @@
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program. If not, see . */
+ along with this program. If not, see . */
/* written by Jim Meyering */
@@ -21,9 +21,29 @@
#define _GL_HEADER_OPENAT_PRIV
#include
+#include
#include
-#define OPENAT_BUFFER_SIZE 512
+/* Maximum number of bytes that it is safe to allocate as a single
+ array on the stack, and that is known as a compile-time constant.
+ The assumption is that we'll touch the array very quickly, or a
+ temporary very near the array, provoking an out-of-memory trap. On
+ some operating systems, there is only one guard page for the stack,
+ and a page size can be as small as 4096 bytes. Subtract 64 in the
+ hope that this will let the compiler touch a nearby temporary and
+ provoke a trap. */
+#define SAFER_ALLOCA_MAX (4096 - 64)
+
+#define SAFER_ALLOCA(m) ((m) < SAFER_ALLOCA_MAX ? (m) : SAFER_ALLOCA_MAX)
+
+#if defined PATH_MAX
+# define OPENAT_BUFFER_SIZE SAFER_ALLOCA (PATH_MAX)
+#elif defined _XOPEN_PATH_MAX
+# define OPENAT_BUFFER_SIZE SAFER_ALLOCA (_XOPEN_PATH_MAX)
+#else
+# define OPENAT_BUFFER_SIZE SAFER_ALLOCA (1024)
+#endif
+
char *openat_proc_name (char buf[OPENAT_BUFFER_SIZE], int fd, char const *file);
/* Trying to access a BUILD_PROC_NAME file will fail on systems without