Fix a case of undefined behavior due to overlapping buf objects in

snprintf (buf, size, fmt, buf, etc). This only works by chance with our libc, but fails (with a truncated string) on e.g. glibc. Okayed by: sobomax MFC after: 1 week
author: schweikh <schweikh@FreeBSD.org> 2003-12-23 15:01:12 +0000
committer: schweikh <schweikh@FreeBSD.org> 2003-12-23 15:01:12 +0000
commit: 0e961ee647d02838c0c3eb117ac007a28f1e49fb (patch)
tree: b6aef9e035b2b3a0e75c8ab9f4dd3be6f6a2104c /usr.sbin/pkg_install
parent: 79e51fd0d791a5f37c83f72a51137221cddd265c (diff)
download: FreeBSD-src-0e961ee647d02838c0c3eb117ac007a28f1e49fb.zip
FreeBSD-src-0e961ee647d02838c0c3eb117ac007a28f1e49fb.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.sbin/pkg_install/lib/match.c b/usr.sbin/pkg_install/lib/match.c
index 5312c27..27db978 100644
--- a/usr.sbin/pkg_install/lib/match.c
+++ b/usr.sbin/pkg_install/lib/match.c
@@ -236,13 +236,14 @@ int
 isinstalledpkg(const char *name)
 {
     char buf[FILENAME_MAX];
+    char buf2[FILENAME_MAX];
 
     snprintf(buf, sizeof(buf), "%s/%s", LOG_DIR, name);
     if (!isdir(buf) || access(buf, R_OK) == FAIL)
 	return FALSE;
 
-    snprintf(buf, sizeof(buf), "%s/%s", buf, CONTENTS_FNAME);
-    if (!isfile(buf) || access(buf, R_OK) == FAIL)
+    snprintf(buf2, sizeof(buf2), "%s/%s", buf, CONTENTS_FNAME);
+    if (!isfile(buf2) || access(buf2, R_OK) == FAIL)
 	return FALSE;
 
     return TRUE;
author	schweikh <schweikh@FreeBSD.org>	2003-12-23 15:01:12 +0000
committer	schweikh <schweikh@FreeBSD.org>	2003-12-23 15:01:12 +0000
commit	0e961ee647d02838c0c3eb117ac007a28f1e49fb (patch)
tree	b6aef9e035b2b3a0e75c8ab9f4dd3be6f6a2104c /usr.sbin/pkg_install
parent	79e51fd0d791a5f37c83f72a51137221cddd265c (diff)
download	FreeBSD-src-0e961ee647d02838c0c3eb117ac007a28f1e49fb.zip FreeBSD-src-0e961ee647d02838c0c3eb117ac007a28f1e49fb.tar.gz