absolutePathFromBaseFile: avoid an unnecessary use of assert

* src/util/storage_file.c (absolutePathFromBaseFile): While this use
of virAsprintf is slightly cleaner than using stpncpy(stpcpy(...,
it does impose an artificial limitation on the length of the base_file
name.  Rather than asserting that it does not exceed INT_MAX, return
NULL when it does.

diff --git a/src/util/storage_file.c b/src/util/storage_file.c
index 3b69210e8ca5f120f25fa55dee345ee9a49f0d98..f8e528d30e617367ab7b632f165b8b5f8cd359ef 100644 (file)
--- a/src/util/storage_file.c
+++ b/src/util/storage_file.c
@@ -26,7 +26,6 @@
 
 #include <unistd.h>
 #include <fcntl.h>
-#include <assert.h>
 #include "dirname.h"
 #include "ignore-value.h"
 #include "memory.h"
@@ -251,7 +250,8 @@ absolutePathFromBaseFile(const char *base_file, const char *path)
         return strdup(path);
 
     /* Ensure that the following cast-to-int is valid.  */
-    assert (d_len <= INT_MAX);
+    if (d_len > INT_MAX)
+        return NULL;
 
     ignore_value(virAsprintf(&res, "%.*s/%s", (int) d_len, base_file, path));
     return res;