BUILD: proto_uxst: shut up yet another gcc's absurd warning
When building with gcc-8 -fsanitize=address, we get this warning once on
an strncpy() call in proto_uxst.c:
src/proto_uxst.c:262:3: warning: 'strncpy' output may be truncated copying 107 bytes from a string of length 4095 [-Wstringop-truncation]
strncpy(addr.sun_path, tempname, sizeof(addr.sun_path) - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
It happens despite the test on snprintf() at the top (since gcc's string
handling is totally empiric), and requires the strlen() test to be placed
"very close" to the strncpy() call (with "very close" yet to be determined).
There's no other way to shut this one except disabling it. Given there's
only one instance of this warning and the cost of dealing with it in the
code is not huge, let's decorate the code to make gcc happily believe it
is smart since it seems to have a mind of itself.
diff --git a/src/proto_uxst.c b/src/proto_uxst.c
index 663f59a..89f4b2f 100644
--- a/src/proto_uxst.c
+++ b/src/proto_uxst.c
@@ -215,7 +215,7 @@
if (path[0]) {
ret = snprintf(tempname, maxpathlen, "%s.%d.tmp", path, pid);
- if (ret < 0 || ret >= maxpathlen) {
+ if (ret < 0 || ret >= sizeof(addr.sun_path)) {
err |= ERR_FATAL | ERR_ALERT;
msg = "name too long for UNIX socket (limit usually 97)";
goto err_return;
@@ -248,6 +248,18 @@
goto err_return;
}
+ /* Note: this test is redundant with the snprintf one above and
+ * will never trigger, it's just added as the only way to shut
+ * gcc's painfully dumb warning about possibly truncated output
+ * during strncpy(). Don't move it above or smart gcc will not
+ * see it!
+ */
+ if (strlen(tempname) >= sizeof(addr.sun_path)) {
+ err |= ERR_FATAL | ERR_ALERT;
+ msg = "name too long for UNIX socket (limit usually 97)";
+ goto err_return;
+ }
+
strncpy(addr.sun_path, tempname, sizeof(addr.sun_path) - 1);
addr.sun_path[sizeof(addr.sun_path) - 1] = 0;
}