URL: <https://savannah.gnu.org/bugs/?66415>
Summary: SocketPath and socknamebuf size Group: GNU Screen Submitter: themusicgod1 Submitted: Wed 06 Nov 2024 11:04:19 AM CST Category: None Severity: 3 - Normal Priority: 5 - Normal Status: None Privacy: Public Assigned to: None Open/Closed: Open Discussion Lock: Any Release: 5.0.0 Fixed Release: None Planned Release: None Work Required: None _______________________________________________________ Follow-up Comments: ------------------------------------------------------- Date: Wed 06 Nov 2024 11:04:19 AM CST By: Jeffrey Cliff <themusicgod1> for screen: 5.0 (but also master branch commit 9d8b0ff) gcc: gcc (GCC) 15.0.0 20240509 (experimental) CFLAGS: -std=gnu23 -Oz -march=native shows that screen.c tries to write > 4095 bytes into a region of size 4095 via snprintf screen.c: In function ‘main’: screen.c:955:102: warning: ‘%s’ directive output may be truncated writing up to 4096 bytes into a region of size 4095 [-Wformat-truncation=] 955 | snprintf(SocketPath + strlen(SocketPath), sizeof(SocketPath) - strlen(SocketPath), "/%s", socknamebuf); | ^~ ~~~~~~~~~~~ screen.c:955:17: note: ‘snprintf’ output between 2 and 4098 bytes into a destination of size 4096 955 | snprintf(SocketPath + strlen(SocketPath), sizeof(SocketPath) - strlen(SocketPath), "/%s", socknamebuf); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ screen.c:1020:94: warning: ‘%s’ directive output may be truncated writing up to 4096 bytes into a region of size 4095 [-Wformat-truncation=] 1020 | snprintf(SocketPath + strlen(SocketPath), sizeof(SocketPath) - strlen(SocketPath), "/%s", socknamebuf); | ^~ ~~~~~~~~~~~ screen.c:1020:9: note: ‘snprintf’ output between 2 and 4098 bytes into a destination of size 4096 1020 | snprintf(SocketPath + strlen(SocketPath), sizeof(SocketPath) - strlen(SocketPath), "/%s", socknamebuf); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ here's one potential fix: --- screen-5.0.0/screen.c 2024-08-28 13:55:03.000000000 -0600 +++ screen-compiles/screen.c 2024-11-06 10:38:26.816344943 -0600 @@ -104,7 +104,7 @@ /* Content of the tty symlink when attach_tty_is_in_new_ns == true. */ char attach_tty_name_in_ns[MAXPATHLEN]; -char SocketPath[MAXPATHLEN]; +char SocketPath[MAXPATHLEN+2]; char *SocketName; /* SocketName is pointer in SocketPath */ char *SocketMatch = NULL; /* session id command line argument */ int ServerSocket = -1; --- screen-5.0.0/screen.h 2024-08-28 13:55:03.000000000 -0600 +++ screen-compiles/screen.h 2024-11-06 10:38:09.609346246 -0600 @@ -237,7 +237,7 @@ extern char attach_tty_name_in_ns[]; extern char strnomem[]; extern char HostName[]; -extern char SocketPath[MAXPATHLEN]; +extern char SocketPath[MAXPATHLEN+2]; extern char *attach_tty; extern char *attach_term; extern char *captionstring; _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?66415> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/
signature.asc
Description: PGP signature