git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Willy Tarreau <w@1wt.eu>
	Mon, 9 May 2022 08:31:28 +0000 (10:31 +0200)
committer	Willy Tarreau <w@1wt.eu>
	Mon, 9 May 2022 18:32:11 +0000 (20:32 +0200)
commit	393e42ae5f8080f8637de505a86c987773d29a12
tree	1f25202eaac61d0454b530b79285df9a83489871	tree
parent	ecab71fbac3e14ca2f7f4b83081830c6ac9539ba	commit \| diff

BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation

As was first reported by Ilya in issue #1513, Gcc 12 incorrectly reports
a possible overflow from the concatenation of two strings whose size was
previously checked to fit:

  src/ssl_crtlist.c: In function 'crtlist_parse_file':
  src/ssl_crtlist.c:545:58: error: '%s' directive output may be truncated writing up to 4095 bytes into a region of size between 1 and 4096 [-Werror=format-truncation=]
    545 |                         snprintf(path, sizeof(path), "%s/%s",  global_ssl.crt_base, crt_path);
        |                                                          ^~
  src/ssl_crtlist.c:545:25: note: 'snprintf' output between 2 and 8192 bytes into a destination of size 4097
    545 |                         snprintf(path, sizeof(path), "%s/%s",  global_ssl.crt_base, crt_path);
        |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It would be a bit concerning to disable -Wformat-truncation because it
might detect real programming mistakes at other places. The solution
adopted in this patch is absolutely ugly and error-prone, but it works,
it consists in integrating the snprintf() call in the error condition
and to test the result again. Let's hope a smarter compiler will not
warn that this test is absurd since guaranteed by the first condition...

This may have to be backported for those suffering from a compiler upgrade.

src/cfgparse-ssl.c		diff \| blob \| blame \| history
src/ssl_crtlist.c		diff \| blob \| blame \| history