firejail.h: add missing linux/limits.h include

firejail.h uses PATH_MAX when defining a macro. Note that ARG_MAX and PATH_MAX are not guaranteed to be (and potentially should not be) defined. From POSIX.1-2017's limits.h(0p)[1]: > A definition of one of the symbolic constants in the following list > shall be omitted from the <limits.h> header on specific > implementations where the corresponding value is equal to or greater > than the stated minimum, but where the value can vary depending on the > file to which it is applied. The actual value supported for a > specific pathname shall be provided by the pathconf() function. Use linux/limits.h instead of limits.h because glibc's limits.h deliberately undefines ARG_MAX. See glibc commit f96853beaf ("* sysdeps/unix/sysv/linux/bits/local_lim.h: Undefined ARG_MAX if", 2008-03-27)[2]. From /usr/include/bits/local_lim.h (glibc 2.33-5 on Artix Linux): #ifndef ARG_MAX # define __undef_ARG_MAX #endif /* The kernel sources contain a file with all the needed information. */ #include <linux/limits.h> /* [...] */ /* Have to remove ARG_MAX? */ #ifdef __undef_ARG_MAX # undef ARG_MAX # undef __undef_ARG_MAX #endif So if a file uses ARG_MAX (currently only cmdline.c) and limits.h (or a firejail.h that includes limits.h) is included before linux/limits.h, then the build will fail on glibc. Build log from using limits.h (instead of linux/limits.h) on firejail.h: $ make clean >/dev/null && make >/dev/null cmdline.c:145:12: error: use of undeclared identifier 'ARG_MAX'; did you mean 'CFG_MAX'? if (len > ARG_MAX) { ^~~~~~~ CFG_MAX ./firejail.h:805:2: note: 'CFG_MAX' declared here CFG_MAX // this should always be the last entry ^ [...] Fixes #4578. [1] https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/limits.h.html [2] https://sourceware.org/git/?p=glibc.git;a=commit;h=f96853beafc26d4f030961b0b67a79b5bfad5733
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-09-27 23:51:36 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-10-01 19:20:21 -0300
commit: 579f856c56c41153a45ae3529224a01babf2aa6a (patch)
tree: 21eed829f00602a5cd24e0e9cd6388904f8ef82c
parent: Remove unnecessary linux/limits.h include (diff)
download: firejail-579f856c56c41153a45ae3529224a01babf2aa6a.tar.gz
firejail-579f856c56c41153a45ae3529224a01babf2aa6a.tar.zst
firejail-579f856c56c41153a45ae3529224a01babf2aa6a.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 2a7d88575..f554a3204 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -22,6 +22,7 @@
 #include "../include/common.h"
 #include "../include/euid_common.h"
 #include "../include/rundefs.h"
+#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
 #include <stdarg.h>
 #include <sys/stat.h>
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-09-27 23:51:36 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-10-01 19:20:21 -0300
commit	579f856c56c41153a45ae3529224a01babf2aa6a (patch)
tree	21eed829f00602a5cd24e0e9cd6388904f8ef82c
parent	Remove unnecessary linux/limits.h include (diff)
download	firejail-579f856c56c41153a45ae3529224a01babf2aa6a.tar.gz firejail-579f856c56c41153a45ae3529224a01babf2aa6a.tar.zst firejail-579f856c56c41153a45ae3529224a01babf2aa6a.zip

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 2a7d88575..f554a3204 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h
@@ -22,6 +22,7 @@
22	#include "../include/common.h"	22	#include "../include/common.h"
23	#include "../include/euid_common.h"	23	#include "../include/euid_common.h"
24	#include "../include/rundefs.h"	24	#include "../include/rundefs.h"
		25	#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
25	#include <stdarg.h>	26	#include <stdarg.h>
26	#include <sys/stat.h>	27	#include <sys/stat.h>
27		28