Server: use MAXPATHLEN for char arrays when they contain filenames

This prevents out-of-bounds access by functions that already use MAXPATHLEN.

Fixes CID 120041, 120042, 120043, 120044, 120045 reported by Coverity

sched/file_deleter.cpp

@@ -40,6 +40,7 @@
 #include <pwd.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <sys/resource.h>
 #if HAVE_STRINGS_H
 #include <strings.h>
 #endif
@@ -224,7 +225,7 @@ int wu_delete_files(WORKUNIT& wu) {
 
 int result_delete_files(RESULT& result) {
     char* p;
-    char filename[256], pathname[256], buf[BLOB_SIZE];
+    char filename[MAXPATHLEN], pathname[MAXPATHLEN], buf[BLOB_SIZE];
     bool no_delete=false;
     int count_deleted = 0, retval, mthd_retval = 0;
 

sched/single_job_assimilator.cpp

@@ -25,6 +25,7 @@
 #include <string>
 #include <unistd.h>
 #include <vector>
+#include <sys/resource.h>
 
 #include "boinc_db.h"
 #include "error_numbers.h"
@@ -55,7 +56,7 @@ int assimilate_handler(
     WORKUNIT& wu, vector<RESULT>& /*results*/, RESULT& canonical_result
 ) {
     int retval;
-    char buf[1024], filename[256], job_dir[256], job_dir_file[256];
+    char buf[1024], filename[MAXPATHLEN], job_dir[MAXPATHLEN], job_dir_file[MAXPATHLEN];
     unsigned int i;
 
     // delete the template files
@@ -71,11 +72,11 @@ int assimilate_handler(
     );
     FILE* f = fopen(job_dir_file, "r");
     if (!f) {
-        log_messages.printf(MSG_CRITICAL, "Can't open job file %s\n", buf);
+        log_messages.printf(MSG_CRITICAL, "Can't open job file %s\n", job_dir_file);
         return 0;
     }
     if (!fgets(buf, 1024, f)) {
-        log_messages.printf(MSG_CRITICAL, "Can't read job file %s\n", buf);
+        log_messages.printf(MSG_CRITICAL, "Can't read job file %s\n", job_dir_file);
         fclose(f);
         return 0;
     }

vda/sched_vda.cpp

@@ -28,6 +28,7 @@
 #include <string>
 #include <unistd.h>
 #include <sys/wait.h>
+#include <sys/resource.h>
 
 #include "filesys.h"
 
@@ -134,8 +135,8 @@ static int get_chunk_md5(char* chunk_dir, char* md5_buf) {
 //      delete from upload dir
 //
 static int process_completed_upload(char* phys_filename, CHUNK_LIST& chunks) {
-    char path[1024], buf[256];
-    char chunk_name[1024], file_name[1024];
+    char path[MAXPATHLEN], buf[256];
+    char chunk_name[1024], file_name[MAXPATHLEN];
     int retval, hostid;
 
     retval = parse_physical_filename(

vda/vda.cpp

@@ -23,6 +23,7 @@
 #include <stdio.h>
 #include <unistd.h>
 #include <set>
+#include <sys/resource.h>
 
 #include "boinc_db.h"
 #include "filesys.h"
@@ -149,7 +150,7 @@ int handle_add(const char* path) {
 
 int handle_remove(const char* name) {
     DB_VDA_FILE vf;
-    char buf[1024];
+    char buf[MAXPATHLEN];
     snprintf(buf, sizeof(buf), "where file_name='%s'", name);
     int retval = vf.lookup(buf);
     if (retval) return retval;

vda/vda_lib2.cpp

@@ -22,6 +22,7 @@
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <sys/resource.h>
 #include <vector>
 #include <unistd.h>
 
@@ -474,7 +475,7 @@ int CHUNK::upload_all() {
 // leaving only the bottom-level chunks
 //
 int VDA_FILE_AUX::init() {
-    char buf[1024], buf2[1024];
+    char buf[MAXPATHLEN], buf2[MAXPATHLEN];
     sprintf(buf, "%s/%s", dir, DATA_FILENAME);
     sprintf(buf2, "%s/%s", dir, file_name);
     int retval = symlink(buf2, buf);