From 804b4747152a59bc2965be2db85839b8b2764fc7 Mon Sep 17 00:00:00 2001
From: Tomas Volf <tomas.volf@showmax.com>
Date: Fri, 1 Jul 2022 04:45:28 -0700
Subject: [PATCH] Replace strdupa with strdup

Strdupa has potential to be unsafe thanks to the possibly unbound stack
usage. It also generates warnings when compiled on musl. This commit
therefore replaces it with properly checked heap allocation using
strdup.

Fixes #15729

Closes #15763.

PiperOrigin-RevId: 458440234
Change-Id: I8c8574f654295086f767b4fc4ca6fc1e59097beb
---
 src/main/tools/linux-sandbox-pid1.cc | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/main/tools/linux-sandbox-pid1.cc b/src/main/tools/linux-sandbox-pid1.cc
index 2a3c48978fcbe8..b090ef99c52ff0 100644
--- a/src/main/tools/linux-sandbox-pid1.cc
+++ b/src/main/tools/linux-sandbox-pid1.cc
@@ -146,8 +146,17 @@ static int CreateTarget(const char *path, bool is_directory) {
   }
 
   // Create the parent directory.
-  if (CreateTarget(dirname(strdupa(path)), true) < 0) {
-    DIE("CreateTarget %s", dirname(strdupa(path)));
+  {
+    char *buf, *dir;
+
+    if (!(buf = strdup(path))) DIE("strdup");
+
+    dir = dirname(buf);
+    if (CreateTarget(dir, true) < 0) {
+      DIE("CreateTarget %s", dir);
+    }
+
+    free(buf);
   }
 
   if (is_directory) {