Larry suggested using concat_path_file() would be an even safer bet
for 'which'. I ageed, so I whipped this up -- which revealed a bug in
concat_path_file. It turns out that that a '/' can be appended from
either the path _or_ the filename, but only the former was checked.
-Erik
diff --git a/findutils/which.c b/findutils/which.c
index 08813c1..1e5e9ee 100644
--- a/findutils/which.c
+++ b/findutils/which.c
@@ -53,10 +53,9 @@
argv++;
found = 0;
for (i = 0; i < count; i++) {
- char buf[strlen(path_n)+strlen(*argv)+2];
- strcpy (buf, path_n);
- strcat (buf, "/");
- strcat (buf, *argv);
+ char *buf;
+ buf = concat_path_file(buf, path_n);
+ buf = concat_path_file(buf, *argv);
if (stat (buf, &filestat) == 0
&& filestat.st_mode & S_IXUSR)
{
diff --git a/libbb/concat_path_file.c b/libbb/concat_path_file.c
index d53dc0e..ce92310 100644
--- a/libbb/concat_path_file.c
+++ b/libbb/concat_path_file.c
@@ -15,9 +15,11 @@
int flg_slash = 1;
l = strlen(path);
- if(l>0 && path[l-1] == '/')
+ if (l>0 && path[l-1] == '/')
flg_slash--;
l += strlen(filename);
+ if (l>0 && filename[0] == '/')
+ flg_slash--;
outbuf = xmalloc(l+1+flg_slash);
sprintf(outbuf, (flg_slash ? "%s/%s" : "%s%s"), path, filename);
return outbuf;
diff --git a/which.c b/which.c
index 08813c1..1e5e9ee 100644
--- a/which.c
+++ b/which.c
@@ -53,10 +53,9 @@
argv++;
found = 0;
for (i = 0; i < count; i++) {
- char buf[strlen(path_n)+strlen(*argv)+2];
- strcpy (buf, path_n);
- strcat (buf, "/");
- strcat (buf, *argv);
+ char *buf;
+ buf = concat_path_file(buf, path_n);
+ buf = concat_path_file(buf, *argv);
if (stat (buf, &filestat) == 0
&& filestat.st_mode & S_IXUSR)
{