BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-(
... or how a bogus warning forces you to do tricky changes in your code
and fail on a length test condition! Fortunately it changed in the right
direction that immediately broke, due to a missing "> sizeof(path)" that
had to be added to the already ugly condition.
This fixes recent commit 393e42ae5 ("BUILD: ssl: work around bogus warning
in gcc 12's -Wformat-truncation"). It may have to be backported if that
one is backported.
(cherry picked from commit 63fc900ba282437b96868103f1eb7db9ee7f482c)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit dc8262796d95b4c1064fc800c888d174c31cf531)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c
index 9a79ae5..6b400e2 100644
--- a/src/ssl_crtlist.c
+++ b/src/ssl_crtlist.c
@@ -516,7 +516,7 @@
if (*crt_path != '/' && global_ssl.crt_base) {
if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > sizeof(path) ||
- snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path)) {
+ snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path) > sizeof(path)) {
memprintf(err, "parsing [%s:%d]: '%s' : path too long",
file, linenum, crt_path);
cfgerr |= ERR_ALERT | ERR_FATAL;