This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new d90df83052 Fix stringop-truncation warning in ats_unix_append_id
(#12613)
d90df83052 is described below
commit d90df830522a65e1cfcf1b39bf7b5fa64e0a7bcc
Author: Bryan Call <[email protected]>
AuthorDate: Mon Oct 27 14:09:40 2025 -0700
Fix stringop-truncation warning in ats_unix_append_id (#12613)
* Fix stringop-truncation warning in ats_unix_append_id
Replace strncat with memcpy to satisfy GCC's -Werror=stringop-truncation
warning. The original code was safe due to the bounds check, but GCC
couldn't determine this. Using memcpy makes the intent clearer and
eliminates the warning.
---
include/tscore/ink_inet.h | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/include/tscore/ink_inet.h b/include/tscore/ink_inet.h
index cc9a07a0e8..18319b1353 100644
--- a/include/tscore/ink_inet.h
+++ b/include/tscore/ink_inet.h
@@ -324,8 +324,16 @@ ats_unix_append_id(sockaddr_un *s, int id)
{
char tmp[16];
int cnt = snprintf(tmp, sizeof(tmp), "-%d", id);
- if (static_cast<size_t>(ats_unix_path_len(s) + cnt) < TS_UNIX_SIZE) {
- strncat(s->sun_path, tmp, cnt);
+
+ // Defensive check: snprintf can return negative on error or >= sizeof(tmp)
if truncated
+ if (cnt < 0 || cnt >= static_cast<int>(sizeof(tmp))) {
+ ink_assert(!"snprintf failed or truncated in ats_unix_append_id");
+ return;
+ }
+
+ int old_len = ats_unix_path_len(s);
+ if (static_cast<size_t>(old_len + cnt) < TS_UNIX_SIZE) {
+ memcpy(s->sun_path + old_len, tmp, cnt + 1); // +1 to include the null
terminator
#if HAVE_STRUCT_SOCKADDR_UN_SUN_LEN
s->sun_len = SUN_LEN(s);
#endif
