From 60c096eb0433f7573c768a2c8523abd3c11e0720 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Wed, 1 Apr 2026 20:37:02 +0200
Subject: Make do even if PATH_MAX isn't defined

As explained in `man realpath(3)`:

> The POSIX.1-2001 standard version of this function is broken by design,
> since it is impossible  to determine  a  suitable  size  for  the  output
> buffer, resolved_path.  According to POSIX.1-2001 a buffer of size PATH_MAX
> suffices, but PATH_MAX need not be a defined constant, and may have to  be
> obtained  using  pathconf(3).  And asking pathconf(3) does not really help,
> since, on the one hand POSIX warns that the result of pathconf(3) may be huge
> and unsuitable for mallocing memory, and on the other hand pathconf(3) may
> return -1 to  signify  that  PATH_MAX  is  not  bounded.   The  re‐ solved_path
> == NULL  feature,  not standardized in POSIX.1-2001, but standardized in
> POSIX.1-2008, allows this design problem to be avoided.

So we can either not compile, or be pragmatic, and define PATH_MAX to a sane
value, like 4096, which is the one used on Linux and some/most BSD.

This commit also adds two tests to ensure that things aren't catastrophically
broken by this change.
---
 include/stdlib.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'include/stdlib.h')

diff --git a/include/stdlib.h b/include/stdlib.h
index 0336d56..c95bb55 100644
--- a/include/stdlib.h
+++ b/include/stdlib.h
@@ -43,8 +43,9 @@ __fortify_warning_if(__p == NULL, "'realpath' called with path set to `NULL`; di
 _FORTIFY_FN(realpath) char *realpath(const char *__p, char *__r)
 {
 #ifndef PATH_MAX
-#error PATH_MAX unset. A fortified realpath will not work.
-#else
+/* see man realpath(3) */
+#define PATH_MAX 4096
+#endif
 	if (__r && PATH_MAX > __bos(__r, 2)) {
 		char __buf[PATH_MAX], *__ret;
 		size_t __l;
@@ -59,7 +60,6 @@ _FORTIFY_FN(realpath) char *realpath(const char *__p, char *__r)
 		return __r;
 	}
 	return __orig_realpath(__p, __r);
-#endif
 }
 #endif
 
-- 
cgit v1.3