github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

firejail.h: add missing linux/limits.h include

Browse source 
firejail.h uses PATH_MAX when defining a macro.  Note that ARG_MAX and
PATH_MAX are not guaranteed to be (and potentially should not be)
defined.  From POSIX.1-2017's limits.h(0p)[1]:

> A definition of one of the symbolic constants in the following list
> shall be omitted from the <limits.h> header on specific
> implementations where the corresponding value is equal to or greater
> than the stated minimum, but where the value can vary depending on the
> file to which it is applied.  The actual value supported for a
> specific pathname shall be provided by the pathconf() function.

Use linux/limits.h instead of limits.h because glibc's limits.h
deliberately undefines ARG_MAX.  See glibc commit f96853beaf
("* sysdeps/unix/sysv/linux/bits/local_lim.h: Undefined ARG_MAX if",
2008-03-27)[2].

From /usr/include/bits/local_lim.h (glibc 2.33-5 on Artix Linux):

    #ifndef ARG_MAX
    # define __undef_ARG_MAX
    #endif

    /* The kernel sources contain a file with all the needed information.  */
    #include <linux/limits.h>
    /* [...] */
    /* Have to remove ARG_MAX?  */
    #ifdef __undef_ARG_MAX
    # undef ARG_MAX
    # undef __undef_ARG_MAX
    #endif

So if a file uses ARG_MAX (currently only cmdline.c) and limits.h (or a
firejail.h that includes limits.h) is included before linux/limits.h,
then the build will fail on glibc.  Build log from using limits.h
(instead of linux/limits.h) on firejail.h:

    $ make clean >/dev/null && make >/dev/null
    cmdline.c:145:12: error: use of undeclared identifier 'ARG_MAX'; did you mean 'CFG_MAX'?
            if (len > ARG_MAX) {
                      ^~~~~~~
                      CFG_MAX
    ./firejail.h:805:2: note: 'CFG_MAX' declared here
            CFG_MAX // this should always be the last entry
            ^
    [...]

Fixes #4578.

[1] https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/limits.h.html
[2] https://sourceware.org/git/?p=glibc.git;a=commit;h=f96853beafc26d4f030961b0b67a79b5bfad5733
This commit is contained in:
Kelvin M. Klann 2021-09-27 23:51:36 -03:00
parent ac78207f7c
commit 579f856c56
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/firejail/firejail.h
View file

@ -22,6 +22,7 @@
#include "../include/common.h"
#include "../include/euid_common.h"
#include "../include/rundefs.h"
#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
#include <stdarg.h>
#include <sys/stat.h>