I'd argue for a global replacement of sprintf(dest, ...) with snprintf(dest, sizeof(dest)...). Unfortunately, that's probably not an automated task.

From the man page:

The snprintf() and vsnprintf() functions will write at most size-1 of the characters printed into the output string (the size'th character then gets the terminating ‘\0’); if the return value is greater than or equal to the size argument, the string was too short and some of the printed characters were discarded. The output is always null-terminated, unless size is 0.

Bonus points for checking the return code :)

On Mon, Jul 8, 2024 at 6:55 AM Vincent Lefevre <vinc...@vinc17.net> wrote:

> Compiling master with GCC gives:
>
> screen.c: In function ‘main’:
> screen.c:794:56: warning: ‘sprintf’ may write a terminating nul past the
> end of the destination [-Wformat-overflow=]
> 794 | sprintf(SocketPath, "%s/.screen", home);
> | ^
> screen.c:794:25: note: ‘sprintf’ output between 9 and 4097 bytes into a
> destination of size 4096
> 794 | sprintf(SocketPath, "%s/.screen", home);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Indeed, the test strlen(home) > MAXPATHLEN - 8 is not sufficient
> due to the terminating null character (if home has length
> MAXPATHLEN - 8, then MAXPATHLEN + 1 characters are written,
> which is larger than the buffer size MAXPATHLEN).
>
> The attached patch fixes this problem and makes the warning disappear.
>
> --
> Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
>
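
The boundary case from the quoted report next to the snprintf return-value check suggested in the reply, as an added example that is not part of either message or of the screen source. The buffer size 4096 is taken from the GCC note; `PATH_BUF` and the three function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define PATH_BUF 4096  /* destination size reported in the GCC note */

/* The length test quoted in the report: it rejects only
 * strlen(home) > size - 8, so a home of exactly size - 8 bytes passes. */
static int old_check_accepts(size_t home_len, size_t size)
{
    return !(home_len > size - 8);
}

/* Bytes that sprintf(dest, "%s/.screen", home) writes, '\0' included. */
static size_t bytes_needed(size_t home_len)
{
    return home_len + strlen("/.screen") + 1;
}

/* Hypothetical helper: bounded formatting with the return value checked.
 * Returns 0 on success, -1 on an output error or on truncation. */
static int build_socket_path(char *dest, size_t size, const char *home)
{
    int n = snprintf(dest, size, "%s/.screen", home);
    if (n < 0 || (size_t)n >= size)
        return -1;
    return 0;
}

int main(void)
{
    static char home[PATH_BUF];
    static char path[PATH_BUF];

    /* Constructed input: a home directory of exactly PATH_BUF - 8 bytes. */
    memset(home, 'a', PATH_BUF - 8);
    home[PATH_BUF - 8] = '\0';

    printf("old check accepts: %d, bytes needed: %zu, buffer: %d\n",
           old_check_accepts(strlen(home), PATH_BUF),
           bytes_needed(strlen(home)), PATH_BUF);
    printf("snprintf helper returns: %d\n",
           build_socket_path(path, sizeof path, home));
    return 0;
}
```

`sizeof(dest)` gives the buffer size only where `dest` is an array in scope; once the buffer is reached through a pointer parameter, the size has to be passed explicitly, as the helper does.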