BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-( ... or how a bogus warning forces you to do tricky changes in your code and fail on a length test condition! Fortunately it changed in the right direction that immediately broke, due to a missing "> sizeof(path)" that had to be added to the already ugly condition. This fixes recent commit 393e42ae5 ("BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation"). It may have to be backported if that one is backported.

commit: 63fc900ba282437b96868103f1eb7db9ee7f482c [log] [tgz]
author: Willy Tarreau <w@1wt.eu> Mon May 09 21:14:04 2022 +0200
committer: Willy Tarreau <w@1wt.eu> Mon May 09 21:16:13 2022 +0200
tree: 7a35e31767a4f09f74c9da92a13ca69cd960a1ff
parent: d86793479fbd21a976d5baa0bbc383c65cfac490 [diff]
diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c
index f43982f..56d2bc4 100644
--- a/src/ssl_crtlist.c
+++ b/src/ssl_crtlist.c

@@ -537,7 +537,7 @@
 
 		if (*crt_path != '/' && global_ssl.crt_base) {
 			if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > sizeof(path) ||
-			    snprintf(path, sizeof(path), "%s/%s",  global_ssl.crt_base, crt_path)) {
+			    snprintf(path, sizeof(path), "%s/%s",  global_ssl.crt_base, crt_path) > sizeof(path)) {
 				memprintf(err, "parsing [%s:%d]: '%s' : path too long",
 					  file, linenum, crt_path);
 				cfgerr |= ERR_ALERT | ERR_FATAL;
commit	63fc900ba282437b96868103f1eb7db9ee7f482c	[log] [tgz]
author	Willy Tarreau <w@1wt.eu>	Mon May 09 21:14:04 2022 +0200
committer	Willy Tarreau <w@1wt.eu>	Mon May 09 21:16:13 2022 +0200
tree	7a35e31767a4f09f74c9da92a13ca69cd960a1ff
parent	d86793479fbd21a976d5baa0bbc383c65cfac490 [diff]