Always use PATH_MAX for representing path size or maximum filename size

Author: ytrezq

doc/doc-txt/ChangeLog

@@ -48,6 +48,9 @@ LC/01 Prefer the use of size_t for variables representing sizes. Even if most
       In the meantime, this doesn’t impact any cases where negative length could
       have been used, as an error value.
 
+LC/02 Some values representing maximum path size were hard coded.
+      They are now replaced with the PATH_MAX macro.
+
 
 Exim version 4.87
 -----------------

src/exim_monitor/em_globals.c

@@ -59,7 +59,7 @@ BOOL    log_datestamping = FALSE;
 int     log_depth = 150;
 uschar *log_display_buffer;
 uschar *log_file = NULL;
-uschar  log_file_open[256];
+uschar  log_file_open[PATH_MAX];
 uschar *log_font = NULL;
 ino_t   log_inode;
 long int log_position;

src/exim_monitor/em_hdr.h

@@ -31,6 +31,7 @@ purposes! */
 /* ANSI C includes */
 
 #include <ctype.h>
+#include <limits.h>
 #include <setjmp.h>
 #include <signal.h>
 #include <stdarg.h>
@@ -253,7 +254,7 @@ extern BOOL    log_datestamping;    /* TRUE if logs are datestamped */
 extern int     log_depth;           /* depth of log tail window */
 extern uschar *log_display_buffer;  /* to hold display text */
 extern uschar *log_file;            /* supplied name of exim log file */
-extern uschar  log_file_open[256];  /* actual open file */
+extern uschar  log_file_open[PATH_MAX]; /* actual open file */
 extern uschar *log_font;            /* font for log display */
 extern ino_t   log_inode;           /* the inode of the log file */
 extern long int log_position;      /* position in log file */

src/exim_monitor/em_log.c

@@ -367,7 +367,7 @@ link count of zero on the currently open file. */
 
 if (log_datestamping)
   {
-  uschar log_file_wanted[256];
+  uschar log_file_wanted[PATH_MAX];
   /* Do *not* use "%s" here, we need the %D datestamp in the log_file to
    *   be expanded! */
   string_format(log_file_wanted, sizeof(log_file_wanted), CS log_file);

src/src/lookups/dbmdb.c

@@ -54,18 +54,18 @@ rc = lf_check_file(-1, filename, S_IFREG, modemask, owners, owngroups,
   "dbm", errmsg);
 #else
   {
-  uschar filebuffer[256];
-  (void)sprintf(CS filebuffer, "%.250s.db", filename);
+  uschar filebuffer[PATH_MAX];
+  (void)sprintf(CS filebuffer, "%.*s.db", PATH_MAX-16, filename);
   rc = lf_check_file(-1, filebuffer, S_IFREG, modemask, owners, owngroups,
     "dbm", errmsg);
   if (rc < 0)        /* stat() failed */
     {
-    (void)sprintf(CS filebuffer, "%.250s.dir", filename);
+    (void)sprintf(CS filebuffer, "%.*s.dir", PATH_MAX-16, filename);
     rc = lf_check_file(-1, filebuffer, S_IFREG, modemask, owners, owngroups,
       "dbm", errmsg);
     if (rc == 0)     /* x.dir was OK */
       {
-      (void)sprintf(CS filebuffer, "%.250s.pag", filename);
+      (void)sprintf(CS filebuffer, "%.*s.pag", PATH_MAX-16, filename);
       rc = lf_check_file(-1, filebuffer, S_IFREG, modemask, owners, owngroups,
         "dbm", errmsg);
       }

src/src/mime.c

@@ -194,11 +194,11 @@ mime_get_decode_file(uschar *pname, uschar *fname)
 FILE *f = NULL;
 uschar *filename;
 
-filename = (uschar *)malloc(2048);
+filename = (uschar *)malloc(PATH_MAX);
 
 if (pname && fname)
   {
-  (void)string_format(filename, 2048, "%s/%s", pname, fname);
+  (void)string_format(filename, PATH_MAX, "%s/%s", pname, fname);
   f = modefopen(filename,"wb+",SPOOL_MODE);
   }
 else if (!pname)
@@ -212,7 +212,7 @@ else if (!fname)
   do
     {
     struct stat mystat;
-    (void)string_format(filename, 2048,
+    (void)string_format(filename, PATH_MAX,
       "%s/%s-%05u", pname, message_id, file_nr++);
     /* security break */
     if (file_nr >= 1024)
@@ -236,8 +236,8 @@ mime_decode(const uschar **listptr)
 int sep = 0;
 const uschar *list = *listptr;
 uschar *option;
-uschar option_buffer[1024];
-uschar decode_path[1024];
+uschar option_buffer[PATH_MAX];
+uschar decode_path[PATH_MAX];
 FILE *decode_file = NULL;
 long f_pos = 0;
 ssize_t size_counter = 0;
@@ -249,7 +249,7 @@ if (mime_stream == NULL)
 f_pos = ftell(mime_stream);
 
 /* build default decode path (will exist since MBOX must be spooled up) */
-(void)string_format(decode_path,1024,"%s/scan/%s",spool_directory,message_id);
+(void)string_format(decode_path,PATH_MAX,"%s/scan/%s",spool_directory,message_id);
 
 /* try to find 1st option */
 if ((option = string_nextinlist(&list, &sep,
@@ -783,15 +783,15 @@ while(1)
 	  (Ustrncmp(mime_content_type,"message/rfc822",14) == 0) )
     {
     const uschar *rfc822name = NULL;
-    uschar filename[2048];
+    uschar filename[PATH_MAX];
     int file_nr = 0;
     int result = 0;
 
     /* must find first free sequential filename */
     do
       {
       struct stat mystat;
-      (void)string_format(filename, 2048,
+      (void)string_format(filename, PATH_MAX,
 	"%s/scan/%s/__rfc822_%05u", spool_directory, message_id, file_nr++);
       /* security break */
       if (file_nr >= 128)

src/src/parse.c

@@ -1381,7 +1381,7 @@ for (;;)
   if (Ustrncmp(s, ":include:", 9) == 0)
     {
     uschar *filebuf;
-    uschar filename[256];
+    uschar filename[PATH_MAX];
     uschar *t = s+9;
     int flen = len - 9;
     int frc;

src/src/receive.c

@@ -1168,15 +1168,13 @@ run_mime_acl(uschar *acl, BOOL *smtp_yield_ptr, uschar **smtp_reply_ptr,
   uschar **blackholed_by_ptr)
 {
 FILE *mbox_file;
-uschar rfc822_file_path[2048];
+uschar rfc822_file_path[PATH_MAX]={0};
 unsigned long mbox_size;
 header_line *my_headerlist;
 uschar *user_msg, *log_msg;
 int mime_part_count_buffer = -1;
 int rc = OK;
 
-memset(CS rfc822_file_path,0,2048);
-
 /* check if it is a MIME message */
 my_headerlist = header_list;
 while (my_headerlist != NULL)
@@ -1238,7 +1236,7 @@ if (Ustrlen(rfc822_file_path) > 0)
 /* check if we must check any message/rfc822 attachments */
 if (rc == OK)
   {
-  uschar temp_path[1024];
+  uschar temp_path[PATH_MAX];
   struct dirent * entry;
   DIR * tempdir;