[PATCH v3] unstrip: Stop using strndupa.

[Érico Nogueira]

From: Érico Rolim <erico.erc@gmail.com>

This functon has inherent safety issues, since a long enough path can
lead to memory clobbering. Due to the recursive nature of
make_directories(), multiple calls could also stack overflow. Instead,
the string can be allocated in the heap.

As a bonus, this improves musl compatibility, since musl doesn't include
the strndupa macro for now.

Also add braces around while loop.

Signed-off-by: Érico Rolim <erico.erc@gmail.com>
---
 ChangeLog     |  4 ++++
 src/unstrip.c | 16 +++++++++++-----
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 72e8397c..f82010f8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2020-10-27  Érico N. Rolim  <erico.erc@gmail.com>
+
+	* unstrip: Stop using strndupa.
+
 2020-10-01  Frank Ch. Eigler  <fche@redhat.com>
 
 	PR25461
diff --git a/src/unstrip.c b/src/unstrip.c
index a855038a..0257d9cc 100644
--- a/src/unstrip.c
+++ b/src/unstrip.c
@@ -311,12 +311,18 @@ make_directories (const char *path)
   if (lastslash == path)
     return;
 
-  char *dir = strndupa (path, lastslash - path);
+  char *dir = strndup (path, lastslash - path);
+  if (dir == NULL)
+    error(EXIT_FAILURE, errno, _("memory exhausted"));
+
   while (mkdir (dir, 0777) < 0 && errno != EEXIST)
-    if (errno == ENOENT)
-      make_directories (dir);
-    else
-      error (EXIT_FAILURE, errno, _("cannot create directory '%s'"), dir);
+    {
+      if (errno == ENOENT)
+        make_directories (dir);
+      else
+        error (EXIT_FAILURE, errno, _("cannot create directory '%s'"), dir);
+    }
+  free (dir);
 }
 
 /* Keep track of new section data we are creating, so we can free it
-- 
2.29.0