diff options
| -rw-r--r-- | libbb/make_directory.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/libbb/make_directory.c b/libbb/make_directory.c index 797ce27..5fa2a7e 100644 --- a/libbb/make_directory.c +++ b/libbb/make_directory.c @@ -50,17 +50,25 @@ int make_directory (const char *path, long mode, int flags) if (stat (path, &st) < 0 && errno == ENOENT) { int status; - char *buf, *parent; + char *pathcopy, *parent, *parentcopy; mode_t mask; mask = umask (0); umask (mask); - buf = xstrdup (path); - parent = dirname (buf); - status = make_directory (parent, (0777 & ~mask) | 0300, - FILEUTILS_RECUR); - free (buf); + /* dirname is unsafe, it may both modify the + memory of the path argument and may return + a pointer to static memory, which can then + be modified by consequtive calls to dirname */ + + pathcopy = xstrdup (path); + parent = dirname (pathcopy); + parentcopy = xstrdup (parent); + status = make_directory (parentcopy, (0777 & ~mask) + | 0300, FILEUTILS_RECUR); + free (pathcopy); + free (parentcopy); + if (status < 0 || make_directory (path, mode, 0) < 0) return -1; |