git_mkstemp(): be careful not to overflow the path buffer.

If user's TMPDIR is insanely long, return negative after
setting errno to ENAMETOOLONG, pretending that the underlying
mkstemp() choked on a temporary file path that is too long.
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

diff.c

@@ -1695,7 +1695,7 @@ static void prep_temp_blob(struct diff_tempfile *temp,
 
 	fd = git_mkstemp(temp->tmp_path, PATH_MAX, ".diff_XXXXXX");
 	if (fd < 0)
-		die("unable to create temp-file");
+		die("unable to create temp-file: %s", strerror(errno));
 	if (write_in_full(fd, blob, size) != size)
 		die("unable to write temp-file");
 	close(fd);

path.c

@@ -71,21 +71,17 @@ char *git_path(const char *fmt, ...)
 /* git_mkstemp() - create tmp file honoring TMPDIR variable */
 int git_mkstemp(char *path, size_t len, const char *template)
 {
-	char *env, *pch = path;
-
-	if ((env = getenv("TMPDIR")) == NULL) {
-		strcpy(pch, "/tmp/");
-		len -= 5;
-		pch += 5;
-	} else {
-		size_t n = snprintf(pch, len, "%s/", env);
-
-		len -= n;
-		pch += n;
+	const char *tmp;
+	size_t n;
+
+	tmp = getenv("TMPDIR");
+	if (!tmp)
+		tmp = "/tmp";
+	n = snprintf(path, len, "%s/%s", tmp, template);
+	if (len <= n) {
+		errno = ENAMETOOLONG;
+		return -1;
 	}
-
-	strlcpy(pch, template, len);
-
 	return mkstemp(path);
 }