From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Tue, 7 Apr 2026 23:40:01 +0000 (+0100)
Subject: sd-bus: assert ALIGN result in sd_bus_message_new
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=79a9a9972870b99a045483f2b2126dceaf39f9df;p=thirdparty%2Fsystemd.git

sd-bus: assert ALIGN result in sd_bus_message_new

Coverity flags ALIGN(sizeof(sd_bus_message)) as potentially
returning SIZE_MAX, making the subsequent + sizeof(BusMessageHeader)
overflow. Store the ALIGN result in a local and assert it is not
SIZE_MAX.

CID#1548031

Follow-up for 4f5b28b72c7ff78c7eabcce7ad4f0eaebfd5545d
---

diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
index f66b2fa3e22..358fb3ca756 100644
--- a/src/libsystemd/sd-bus/bus-message.c
+++ b/src/libsystemd/sd-bus/bus-message.c
@@ -464,8 +464,8 @@ _public_ int sd_bus_message_new(
         /* Creation of messages with _SD_BUS_MESSAGE_TYPE_INVALID is allowed. */
         assert_return(type < _SD_BUS_MESSAGE_TYPE_MAX, -EINVAL);
 
-        /* Silence static analyzers */
-        assert_cc(sizeof(sd_bus_message) + sizeof(void*) + sizeof(BusMessageHeader) <= SIZE_MAX);
+        /* Silence static analyzers, ALIGN cannot overflow for sizeof() */
+        assert(ALIGN(sizeof(sd_bus_message)) != SIZE_MAX);
         sd_bus_message *t = malloc0(ALIGN(sizeof(sd_bus_message)) + sizeof(BusMessageHeader));
         if (!t)
                 return -ENOMEM;