Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/lib/libc/gen/getcwd.c,v
retrieving revision 1.19
retrieving revision 1.24.6.2
diff -u -p -r1.19 -r1.24.6.2
--- src/lib/libc/gen/getcwd.c	1999/06/11 15:38:40	1.19
+++ src/lib/libc/gen/getcwd.c	2002/11/11 22:22:09	1.24.6.2
@@ -1,4 +1,4 @@
-/*	$NetBSD: getcwd.c,v 1.19 1999/06/11 15:38:40 christos Exp $	*/
+/*	$NetBSD: getcwd.c,v 1.24.6.2 2002/11/11 22:22:09 nathanw Exp $	*/
 
 /*
  * Copyright (c) 1989, 1991, 1993, 1995
@@ -41,7 +41,7 @@
 #if 0
 static char sccsid[] = "@(#)getcwd.c	8.5 (Berkeley) 2/7/95";
 #else
-__RCSID("$NetBSD: getcwd.c,v 1.19 1999/06/11 15:38:40 christos Exp $");
+__RCSID("$NetBSD: getcwd.c,v 1.24.6.2 2002/11/11 22:22:09 nathanw Exp $");
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -49,6 +49,7 @@ __RCSID("$NetBSD: getcwd.c,v 1.19 1999/0
 #include <sys/param.h>
 #include <sys/stat.h>
 
+#include <assert.h>
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
@@ -60,8 +61,8 @@ __RCSID("$NetBSD: getcwd.c,v 1.19 1999/0
 #include "extern.h"
 
 #ifdef __weak_alias
-__weak_alias(getcwd,_getcwd);
-__weak_alias(realpath,_realpath);
+__weak_alias(getcwd,_getcwd)
+__weak_alias(realpath,_realpath)
 #endif
 
 #define	ISDOT(dp) \
@@ -86,9 +87,12 @@ realpath(path, resolved)
 	char *resolved;
 {
 	struct stat sb;
-	int fd, n, rootd, serrno;
+	int fd, n, rootd, serrno, nlnk = 0;
 	char *p, *q, wbuf[MAXPATHLEN];
 
+	_DIAGASSERT(path != NULL);
+	_DIAGASSERT(resolved != NULL);
+
 	/* Save the starting point. */
 	if ((fd = open(".", O_RDONLY)) < 0) {
 		(void)strcpy(resolved, ".");
@@ -126,7 +130,11 @@ loop:
 	/* Deal with the last component. */
 	if (lstat(p, &sb) == 0) {
 		if (S_ISLNK(sb.st_mode)) {
-			n = readlink(p, resolved, MAXPATHLEN);
+			if (nlnk++ >= MAXSYMLINKS) {
+				errno = ELOOP;
+				goto err1;
+			}
+			n = readlink(p, resolved, MAXPATHLEN-1);
 			if (n < 0)
 				goto err1;
 			resolved[n] = '\0';
@@ -143,7 +151,7 @@ loop:
 	 * Save the last component name and get the full pathname of
 	 * the current directory.
 	 */
-	(void)strncpy(wbuf, p, (sizeof(wbuf) - 1));
+	(void)strlcpy(wbuf, p, sizeof(wbuf));
 
 	/*
 	 * Call the inernal internal version of getcwd which
@@ -412,6 +420,8 @@ getcwd(pt, size)
 	for (;;) {
 		len = __getcwd(pt, bufsize);
 		if ((len < 0) && (size == 0) && (errno == ERANGE)) {
+			if (ptsize > (MAXPATHLEN*4))
+				return NULL;
 			if ((pt = realloc(pt, ptsize *= 2)) == NULL)
 				return NULL;
 			bufsize = ptsize;