From 5564838c22768a8a77a373c99279e55b9fbce925 Mon Sep 17 00:00:00 2001
From: Victor Julien <vjulien@oisf.net>
Date: Wed, 24 Sep 2025 09:13:09 +0200
Subject: [PATCH] detect/mpm: address format truncation warnings
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

detect-engine-mpm.c: In function ‘BuildBasicPname’:
detect-engine-mpm.c:197:43: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
  197 |         snprintf(pname, sizeof(pname), "%s", name);
      |                                           ^
detect-engine-mpm.c:197:9: note: ‘snprintf’ output 1 or more bytes (assuming 2) into a destination of size 1
  197 |         snprintf(pname, sizeof(pname), "%s", name);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
detect-engine-mpm.c: In function ‘AppendTransformsToPname’:
detect-engine-mpm.c:231:61: error: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 7 [-Werror=format-truncation=]
  231 |             snprintf(xforms_print, sizeof(xforms_print), " (%s)", xforms);
      |                                                             ^~    ~~~~~~
detect-engine-mpm.c:231:13: note: ‘snprintf’ output between 4 and 1027 bytes into a destination of size 9
  231 |             snprintf(xforms_print, sizeof(xforms_print), " (%s)", xforms);
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ticket: #7905.
---
 src/detect-engine-mpm.c | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)

diff --git a/src/detect-engine-mpm.c b/src/detect-engine-mpm.c
index b13ef8ffbb..bfb91a7bae 100644
--- a/src/detect-engine-mpm.c
+++ b/src/detect-engine-mpm.c
@@ -194,7 +194,7 @@ static void BuildBasicPname(char *out, const size_t out_size, const char *name,
     if (strlen(name) >= name_space) {
         ShortenString(name, pname, name_space, '~');
     } else {
-        snprintf(pname, sizeof(pname), "%s", name);
+        strlcpy(pname, name, sizeof(pname));
     }
     snprintf(out, out_size, "%s#%u", pname, id);
 }
@@ -210,22 +210,25 @@ static void AppendTransformsToPname(
     if (transforms == NULL || transforms->cnt == 0)
         return;
 
-    /* create comma separated string of the names of the
-     * transforms and then shorten it if necessary. Finally
-     * use it to construct the 'profile' name for the engine */
-    char xforms[1024] = "";
-    for (int i = 0; i < transforms->cnt; i++) {
-        char ttstr[64];
-        (void)snprintf(ttstr, sizeof(ttstr), "%s,",
-                sigmatch_table[transforms->transforms[i].transform].name);
-        strlcat(xforms, ttstr, sizeof(xforms));
-    }
-    xforms[strlen(xforms) - 1] = '\0';
-
     ssize_t left = (ssize_t)out_size - (ssize_t)strlen(out) - (ssize_t)4;
-    SCLogDebug("left %d '%s' %d", (int)left, xforms, (int)strlen(xforms));
     /* only append xform if we can add least 5 chars */
     if (left >= 5) {
+        /* create comma separated string of the names of the
+         * transforms and then shorten it if necessary. Finally
+         * use it to construct the 'profile' name for the engine */
+        char xforms[left + 1];
+        memset(xforms, 0, left + 1);
+        for (int i = 0; i < transforms->cnt; i++) {
+            char ttstr[64];
+            (void)snprintf(ttstr, sizeof(ttstr), "%s,",
+                    sigmatch_table[transforms->transforms[i].transform].name);
+            strlcat(xforms, ttstr, sizeof(xforms));
+        }
+        if (strlen(xforms) == 0)
+            return;
+        xforms[strlen(xforms) - 1] = '\0';
+        SCLogDebug("left %d '%s' %d", (int)left, xforms, (int)strlen(xforms));
+
         char xforms_print[out_size];
         if ((size_t)left >= strlen(xforms)) {
             snprintf(xforms_print, sizeof(xforms_print), " (%s)", xforms);