From 579f856c56c41153a45ae3529224a01babf2aa6a Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Mon, 27 Sep 2021 23:51:36 -0300
Subject: firejail.h: add missing linux/limits.h include

firejail.h uses PATH_MAX when defining a macro.  Note that ARG_MAX and
PATH_MAX are not guaranteed to be (and potentially should not be)
defined.  From POSIX.1-2017's limits.h(0p)[1]:

> A definition of one of the symbolic constants in the following list
> shall be omitted from the <limits.h> header on specific
> implementations where the corresponding value is equal to or greater
> than the stated minimum, but where the value can vary depending on the
> file to which it is applied.  The actual value supported for a
> specific pathname shall be provided by the pathconf() function.

Use linux/limits.h instead of limits.h because glibc's limits.h
deliberately undefines ARG_MAX.  See glibc commit f96853beaf
("* sysdeps/unix/sysv/linux/bits/local_lim.h: Undefined ARG_MAX if",
2008-03-27)[2].

From /usr/include/bits/local_lim.h (glibc 2.33-5 on Artix Linux):

    #ifndef ARG_MAX
    # define __undef_ARG_MAX
    #endif

    /* The kernel sources contain a file with all the needed information.  */
    #include <linux/limits.h>
    /* [...] */
    /* Have to remove ARG_MAX?  */
    #ifdef __undef_ARG_MAX
    # undef ARG_MAX
    # undef __undef_ARG_MAX
    #endif

So if a file uses ARG_MAX (currently only cmdline.c) and limits.h (or a
firejail.h that includes limits.h) is included before linux/limits.h,
then the build will fail on glibc.  Build log from using limits.h
(instead of linux/limits.h) on firejail.h:

    $ make clean >/dev/null && make >/dev/null
    cmdline.c:145:12: error: use of undeclared identifier 'ARG_MAX'; did you mean 'CFG_MAX'?
            if (len > ARG_MAX) {
                      ^~~~~~~
                      CFG_MAX
    ./firejail.h:805:2: note: 'CFG_MAX' declared here
            CFG_MAX // this should always be the last entry
            ^
    [...]

Fixes #4578.

[1] https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/limits.h.html
[2] https://sourceware.org/git/?p=glibc.git;a=commit;h=f96853beafc26d4f030961b0b67a79b5bfad5733
---
 src/firejail/firejail.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 2a7d88575..f554a3204 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -22,6 +22,7 @@
 #include "../include/common.h"
 #include "../include/euid_common.h"
 #include "../include/rundefs.h"
+#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
 #include <stdarg.h>
 #include <sys/stat.h>
 
-- 
cgit v1.2.3-54-g00ecf