Return-Path: <david@tethera.net>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
 by arlo.cworth.org (Postfix) with ESMTP id 1BF556DE091B
 for <notmuch@notmuchmail.org>; Thu, 11 Aug 2016 22:51:32 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at cworth.org
X-Spam-Flag: NO
X-Spam-Score: -0.008
X-Spam-Level: 
X-Spam-Status: No, score=-0.008 tagged_above=-999 required=5 tests=[AWL=0.003,
  SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled
Received: from arlo.cworth.org ([127.0.0.1])
 by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id GY07eHWYz2ge for <notmuch@notmuchmail.org>;
 Thu, 11 Aug 2016 22:51:24 -0700 (PDT)
Received: from fethera.tethera.net (fethera.tethera.net [198.245.60.197])
 by arlo.cworth.org (Postfix) with ESMTPS id 1BE346DE0362
 for <notmuch@notmuchmail.org>; Thu, 11 Aug 2016 22:51:23 -0700 (PDT)
Received: from remotemail by fethera.tethera.net with local (Exim 4.84_2)
 (envelope-from <david@tethera.net>)
 id 1bY5NV-0006ad-NV; Fri, 12 Aug 2016 01:51:33 -0400
Received: (nullmailer pid 18608 invoked by uid 1000);
 Fri, 12 Aug 2016 05:51:16 -0000
From: David Bremner <david@tethera.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
 Notmuch Mail <notmuch@notmuchmail.org>
Subject: Re: [PATCH v4 01/16] add util/search-path.{c,
 h} to test for executables in $PATH
In-Reply-To: <1467970047-8013-2-git-send-email-dkg@fifthhorseman.net>
References: <1467970047-8013-1-git-send-email-dkg@fifthhorseman.net>
 <1467970047-8013-2-git-send-email-dkg@fifthhorseman.net>
User-Agent: Notmuch/0.22.1+61~g2ce0f13 (https://notmuchmail.org) Emacs/24.5.1
 (x86_64-pc-linux-gnu)
Date: Fri, 12 Aug 2016 14:51:16 +0900
Message-ID: <878tw2r0vf.fsf@maritornes.cs.unb.ca>
MIME-Version: 1.0
Content-Type: text/plain
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Use and development of the notmuch mail system."
 <notmuch.notmuchmail.org>
List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,
 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch/>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,
 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Aug 2016 05:51:32 -0000

Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:

> This is a utility function we can use to see whether an executa>
> +    if (strchr (exename, '/')) {
> +	if (0 == access (exename, X_OK))
> +	    return TRUE;
> +	else
> +	    return FALSE;
> +    }

Should we distinguish between relative and absolute paths here?  I can't
think of any security implications, but I'm wondering if a relative path
is likely just a user error.

> +	path = (char *) malloc (n);
> +	if (! path)
> +	    return FALSE;

I kindof hate hiding the error here, although I agree it's
unlikely. What about the unixy return 0 ok, 1 not found -1 error?

> +	confstr (_CS_PATH, path, n);
> +    }
> +
> +    tok = strtok_r (path, ":", &save);
> +    while (tok) {

I guess it's fine to modify path here, but another option is
strtok_len (in string-util.h)