From: Willy Tarreau Date: Mon, 9 May 2022 19:14:04 +0000 (+0200) Subject: BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-( X-Git-Tag: v2.6-dev10~66 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=63fc900ba282437b96868103f1eb7db9ee7f482c;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-( ... or how a bogus warning forces you to do tricky changes in your code and fail on a length test condition! Fortunately it changed in the right direction that immediately broke, due to a missing "> sizeof(path)" that had to be added to the already ugly condition. This fixes recent commit 393e42ae5 ("BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation"). It may have to be backported if that one is backported. --- diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c index f43982f4db..56d2bc4c9b 100644 --- a/src/ssl_crtlist.c +++ b/src/ssl_crtlist.c @@ -537,7 +537,7 @@ int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *cu if (*crt_path != '/' && global_ssl.crt_base) { if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > sizeof(path) || - snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path)) { + snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path) > sizeof(path)) { memprintf(err, "parsing [%s:%d]: '%s' : path too long", file, linenum, crt_path); cfgerr |= ERR_ALERT | ERR_FATAL;