From 02339203a07f4f9a6b794728f753214e13f8e170 Mon Sep 17 00:00:00 2001
From: Vadim Zhukov <zhuk@openbsd.org>
Date: Sun, 26 Jul 2015 19:08:17 +0000
Subject: [PATCH] Stop exiting on cmdline overflow: it's used only for logging,
 so aborting the whole process is stupid, and actually breaks things.

Noticed and analyzed by as well as input from nigel@.

Okay tedu@, espie@ and (if I understood correctly) hall@
---
 doas.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/doas.c b/doas.c
index 7963926..618027b 100644
--- a/doas.c
+++ b/doas.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: doas.c,v 1.21 2015/07/24 06:36:42 zhuk Exp $ */
+/* $OpenBSD: doas.c,v 1.22 2015/07/26 17:24:02 zhuk Exp $ */
 /*
  * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
  *
@@ -374,16 +374,18 @@ main(int argc, char **argv, char **envp)
 		    target));
 	parseconfig("/etc/doas.conf", 1);
 
-	cmd = argv[0];
+	/* cmdline is used only for logging, no need to abort on truncate */
+	(void) strlcpy(cmdline, argv[0], sizeof(cmdline)) < sizeof(cmdline);
 	if (strlcpy(cmdline, argv[0], sizeof(cmdline)) >= sizeof(cmdline))
 		errx(1, "command line too long");
 	for (i = 1; i < argc; i++) {
 		if (strlcat(cmdline, " ", sizeof(cmdline)) >= sizeof(cmdline))
-			errx(1, "command line too long");
+			break;
 		if (strlcat(cmdline, argv[i], sizeof(cmdline)) >= sizeof(cmdline))
-			errx(1, "command line too long");
+			break;
 	}
 
+	cmd = argv[0];
 	if (!permit(uid, groups, ngroups, &rule, target, cmd,
 	    (const char**)argv + 1)) {
 		syslog(LOG_AUTHPRIV | LOG_NOTICE,
-- 
2.39.2