importd: add assert for log_message_size accumulation bounds

Coverity flags log_message_size += l as a potential overflow, but l
is bounded by the read() count parameter which is
sizeof(log_message) - log_message_size. Add an assert to make this
invariant explicit.

CID#1548062

Follow-up for 3d7415f43f0fe6a821d7bc4a341ba371e8a30ef3

diff --git a/src/import/importd.c b/src/import/importd.c
index d3363d446cb67b60ad36bee909003c12e6c4dc2e..fed2af417019fde2ae38e7ecd6611a85f3eef1e7 100644 (file)
--- a/src/import/importd.c
+++ b/src/import/importd.c
@@ -418,6 +418,8 @@ static int transfer_on_log(sd_event_source *s, int fd, uint32_t revents, void *u
                 return 0;
         }
 
+        /* Silence static analyzers, l is bounded by read() count: sizeof - log_message_size */
+        assert((size_t) l <= sizeof(t->log_message) - t->log_message_size);
         t->log_message_size += l;
 
         transfer_send_logs(t, false);