> > In other words, > > copystr(src, dst, dstsiz, len) > > is equivalent to: > > if (strlcpy(dst, src, dstsiz) >= dstsiz) > > return ENAMETOOLONG; > > if (len != NULL) > > *len = strlen(dst); > > This should be *len = strlen(dst)+1 as copystr includes the terminating 0x00 > in the length count. > > It doesn't matter for the current diff, but it will matter if you replace the > last remaining use of copystr which does use the returned length value.
Indeed! So the third copystr() call could be replaced with this:
Index: sys/kern/vfs_lookup.c
===================================================================
RCS file: /OpenBSD/src/sys/kern/vfs_lookup.c,v
retrieving revision 1.87
diff -u -p -r1.87 vfs_lookup.c
--- sys/kern/vfs_lookup.c 14 Aug 2022 01:58:28 -0000 1.87
+++ sys/kern/vfs_lookup.c 25 Dec 2022 20:06:27 -0000
@@ -143,10 +143,16 @@ namei(struct nameidata *ndp)
 */
 if ((cnp->cn_flags & HASBUF) == 0)
 cnp->cn_pnbuf = pool_get(&namei_pool, PR_WAITOK);
- if (ndp->ni_segflg == UIO_SYSSPACE)
- error = copystr(ndp->ni_dirp, cnp->cn_pnbuf,
- MAXPATHLEN, &ndp->ni_pathlen);
- else
+ if (ndp->ni_segflg == UIO_SYSSPACE) {
+ ndp->ni_pathlen = strlcpy(cnp->cn_pnbuf, ndp->ni_dirp,
+ MAXPATHLEN);
+ if (ndp->ni_pathlen >= MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ } else {
+ error = 0;
+ ndp->ni_pathlen++; /* ni_pathlen includes NUL */
+ }
+ } else
 error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf,
 MAXPATHLEN, &ndp->ni_pathlen);
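Review bot: In the new UIO_SYSSPACE branch, strlcpy() has to walk ni_dirp to its terminating NUL to compute its return value, so the read of the source is not limited to MAXPATHLEN bytes even though the write into cn_pnbuf is. If the removed copystr() call stopped reading at its size argument (as that argument suggests), a kernel caller passing an unterminated buffer would now be over-read instead of getting a clean ENAMETOOLONG. I would state that requirement beside the call, e.g. `/* ni_dirp must be NUL-terminated: strlcpy() reads the whole source */`. On the ENAMETOOLONG path ni_pathlen is also left holding the untruncated source length. namei() continues outside this hunk, so whether anything reads it after the error is not visible here.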