From 052644cf089e5fa150b99805ade0feccde61a7eb Mon Sep 17 00:00:00 2001
From: "U-WINDOWS81\\\\example" <ytrezq@sdf-eu.org>
Date: Sat, 25 Jun 2016 15:49:49 +0200
Subject: [PATCH] Always use PATH_MAX for representing path size or maximum
 filename size

---
 doc/doc-txt/ChangeLog         |  3 +++
 src/exim_monitor/em_globals.c |  2 +-
 src/exim_monitor/em_hdr.h     |  3 ++-
 src/exim_monitor/em_log.c     |  2 +-
 src/src/lookups/dbmdb.c       |  8 ++++----
 src/src/mime.c                | 16 ++++++++--------
 src/src/parse.c               |  2 +-
 src/src/receive.c             |  6 ++----
 8 files changed, 22 insertions(+), 20 deletions(-)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index fa3b947da9..0217e6ea2f 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -48,6 +48,9 @@ LC/01 Prefer the use of size_t for variables representing sizes. Even if most
       In the meantime, this doesn’t impact any cases where negative length could
       have been used, as an error value.
 
+LC/02 Some values representing maximum path size were hard coded.
+      They are now replaced with the PATH_MAX macro.
+
 
 Exim version 4.87
 -----------------
diff --git a/src/exim_monitor/em_globals.c b/src/exim_monitor/em_globals.c
index 9221ae2da1..8bb5c545ae 100644
--- a/src/exim_monitor/em_globals.c
+++ b/src/exim_monitor/em_globals.c
@@ -59,7 +59,7 @@ BOOL    log_datestamping = FALSE;
 int     log_depth = 150;
 uschar *log_display_buffer;
 uschar *log_file = NULL;
-uschar  log_file_open[256];
+uschar  log_file_open[PATH_MAX];
 uschar *log_font = NULL;
 ino_t   log_inode;
 long int log_position;
diff --git a/src/exim_monitor/em_hdr.h b/src/exim_monitor/em_hdr.h
index fc3dc52584..25c429f180 100644
--- a/src/exim_monitor/em_hdr.h
+++ b/src/exim_monitor/em_hdr.h
@@ -31,6 +31,7 @@ purposes! */
 /* ANSI C includes */
 
 #include <ctype.h>
+#include <limits.h>
 #include <setjmp.h>
 #include <signal.h>
 #include <stdarg.h>
@@ -253,7 +254,7 @@ extern BOOL    log_datestamping;    /* TRUE if logs are datestamped */
 extern int     log_depth;           /* depth of log tail window */
 extern uschar *log_display_buffer;  /* to hold display text */
 extern uschar *log_file;            /* supplied name of exim log file */
-extern uschar  log_file_open[256];  /* actual open file */
+extern uschar  log_file_open[PATH_MAX]; /* actual open file */
 extern uschar *log_font;            /* font for log display */
 extern ino_t   log_inode;           /* the inode of the log file */
 extern long int log_position;      /* position in log file */
diff --git a/src/exim_monitor/em_log.c b/src/exim_monitor/em_log.c
index 9ff994ced4..4dd5098856 100644
--- a/src/exim_monitor/em_log.c
+++ b/src/exim_monitor/em_log.c
@@ -367,7 +367,7 @@ link count of zero on the currently open file. */
 
 if (log_datestamping)
   {
-  uschar log_file_wanted[256];
+  uschar log_file_wanted[PATH_MAX];
   /* Do *not* use "%s" here, we need the %D datestamp in the log_file to
    *   be expanded! */
   string_format(log_file_wanted, sizeof(log_file_wanted), CS log_file);
diff --git a/src/src/lookups/dbmdb.c b/src/src/lookups/dbmdb.c
index 00993af68a..1d7b57032a 100644
--- a/src/src/lookups/dbmdb.c
+++ b/src/src/lookups/dbmdb.c
@@ -54,18 +54,18 @@ rc = lf_check_file(-1, filename, S_IFREG, modemask, owners, owngroups,
   "dbm", errmsg);
 #else
   {
-  uschar filebuffer[256];
-  (void)sprintf(CS filebuffer, "%.250s.db", filename);
+  uschar filebuffer[PATH_MAX];
+  (void)sprintf(CS filebuffer, "%.*s.db", PATH_MAX-16, filename);
   rc = lf_check_file(-1, filebuffer, S_IFREG, modemask, owners, owngroups,
     "dbm", errmsg);
   if (rc < 0)        /* stat() failed */
     {
-    (void)sprintf(CS filebuffer, "%.250s.dir", filename);
+    (void)sprintf(CS filebuffer, "%.*s.dir", PATH_MAX-16, filename);
     rc = lf_check_file(-1, filebuffer, S_IFREG, modemask, owners, owngroups,
       "dbm", errmsg);
     if (rc == 0)     /* x.dir was OK */
       {
-      (void)sprintf(CS filebuffer, "%.250s.pag", filename);
+      (void)sprintf(CS filebuffer, "%.*s.pag", PATH_MAX-16, filename);
       rc = lf_check_file(-1, filebuffer, S_IFREG, modemask, owners, owngroups,
         "dbm", errmsg);
       }
diff --git a/src/src/mime.c b/src/src/mime.c
index ae41b46949..941d099f91 100644
--- a/src/src/mime.c
+++ b/src/src/mime.c
@@ -194,11 +194,11 @@ mime_get_decode_file(uschar *pname, uschar *fname)
 FILE *f = NULL;
 uschar *filename;
 
-filename = (uschar *)malloc(2048);
+filename = (uschar *)malloc(PATH_MAX);
 
 if (pname && fname)
   {
-  (void)string_format(filename, 2048, "%s/%s", pname, fname);
+  (void)string_format(filename, PATH_MAX, "%s/%s", pname, fname);
   f = modefopen(filename,"wb+",SPOOL_MODE);
   }
 else if (!pname)
@@ -212,7 +212,7 @@ else if (!fname)
   do
     {
     struct stat mystat;
-    (void)string_format(filename, 2048,
+    (void)string_format(filename, PATH_MAX,
       "%s/%s-%05u", pname, message_id, file_nr++);
     /* security break */
     if (file_nr >= 1024)
@@ -236,8 +236,8 @@ mime_decode(const uschar **listptr)
 int sep = 0;
 const uschar *list = *listptr;
 uschar *option;
-uschar option_buffer[1024];
-uschar decode_path[1024];
+uschar option_buffer[PATH_MAX];
+uschar decode_path[PATH_MAX];
 FILE *decode_file = NULL;
 long f_pos = 0;
 ssize_t size_counter = 0;
@@ -249,7 +249,7 @@ if (mime_stream == NULL)
 f_pos = ftell(mime_stream);
 
 /* build default decode path (will exist since MBOX must be spooled up) */
-(void)string_format(decode_path,1024,"%s/scan/%s",spool_directory,message_id);
+(void)string_format(decode_path,PATH_MAX,"%s/scan/%s",spool_directory,message_id);
 
 /* try to find 1st option */
 if ((option = string_nextinlist(&list, &sep,
@@ -783,7 +783,7 @@ while(1)
 	  (Ustrncmp(mime_content_type,"message/rfc822",14) == 0) )
     {
     const uschar *rfc822name = NULL;
-    uschar filename[2048];
+    uschar filename[PATH_MAX];
     int file_nr = 0;
     int result = 0;
 
@@ -791,7 +791,7 @@ while(1)
     do
       {
       struct stat mystat;
-      (void)string_format(filename, 2048,
+      (void)string_format(filename, PATH_MAX,
 	"%s/scan/%s/__rfc822_%05u", spool_directory, message_id, file_nr++);
       /* security break */
       if (file_nr >= 128)
diff --git a/src/src/parse.c b/src/src/parse.c
index 6f7c7ad286..44ccf2e96b 100644
--- a/src/src/parse.c
+++ b/src/src/parse.c
@@ -1381,7 +1381,7 @@ for (;;)
   if (Ustrncmp(s, ":include:", 9) == 0)
     {
     uschar *filebuf;
-    uschar filename[256];
+    uschar filename[PATH_MAX];
     uschar *t = s+9;
     int flen = len - 9;
     int frc;
diff --git a/src/src/receive.c b/src/src/receive.c
index 4520c6793b..69ab8d097c 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1168,15 +1168,13 @@ run_mime_acl(uschar *acl, BOOL *smtp_yield_ptr, uschar **smtp_reply_ptr,
   uschar **blackholed_by_ptr)
 {
 FILE *mbox_file;
-uschar rfc822_file_path[2048];
+uschar rfc822_file_path[PATH_MAX]={0};
 unsigned long mbox_size;
 header_line *my_headerlist;
 uschar *user_msg, *log_msg;
 int mime_part_count_buffer = -1;
 int rc = OK;
 
-memset(CS rfc822_file_path,0,2048);
-
 /* check if it is a MIME message */
 my_headerlist = header_list;
 while (my_headerlist != NULL)
@@ -1238,7 +1236,7 @@ if (Ustrlen(rfc822_file_path) > 0)
 /* check if we must check any message/rfc822 attachments */
 if (rc == OK)
   {
-  uschar temp_path[1024];
+  uschar temp_path[PATH_MAX];
   struct dirent * entry;
   DIR * tempdir;