From 6d8fc10b8f2b1ef7eec4eadb8d88db69ebbac7cf Mon Sep 17 00:00:00 2001
From: Victor Julien <vjulien@oisf.net>
Date: Tue, 30 Sep 2025 06:53:40 +0200
Subject: [PATCH] output/filestore: improve path handling

** CID 1666422:       Error handling issues  (CHECKED_RETURN)
/src/output-filestore.c: 350           in GetLogDirectory()

_____________________________________________________________________________________________
*** CID 1666422:         Error handling issues  (CHECKED_RETURN)
/src/output-filestore.c: 350             in GetLogDirectory()
344             log_base_dir = default_log_dir;
345         }
346         if (PathIsAbsolute(log_base_dir)) {
347             strlcpy(out, log_base_dir, out_size);
348         } else {
349             const char *default_log_prefix = SCConfigGetLogDirectory();
>>>     CID 1666422:         Error handling issues  (CHECKED_RETURN)
>>>     Calling "PathMerge" without checking return value (as is done elsewhere 19 out of 21 times).
350             PathMerge(out, out_size, default_log_prefix, log_base_dir);
351         }
352     }
353
354     static bool InitFilestoreDirectory(const char *dir)
355     {
---
 src/output-filestore.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/output-filestore.c b/src/output-filestore.c
index fc44285008..7e3824254d 100644
--- a/src/output-filestore.c
+++ b/src/output-filestore.c
@@ -336,7 +336,7 @@ static void OutputFilestoreLogDeInitCtx(OutputCtx *output_ctx)
     SCFree(output_ctx);
 }
 
-static void GetLogDirectory(const SCConfNode *conf, char *out, size_t out_size)
+static int GetLogDirectory(const SCConfNode *conf, char *out, size_t out_size)
 {
     const char *log_base_dir = SCConfNodeLookupChildValue(conf, "dir");
     if (log_base_dir == NULL) {
@@ -344,11 +344,15 @@ static void GetLogDirectory(const SCConfNode *conf, char *out, size_t out_size)
         log_base_dir = default_log_dir;
     }
     if (PathIsAbsolute(log_base_dir)) {
-        strlcpy(out, log_base_dir, out_size);
+        size_t r = strlcpy(out, log_base_dir, out_size);
+        if (r >= out_size)
+            return -1;
     } else {
         const char *default_log_prefix = SCConfigGetLogDirectory();
-        PathMerge(out, out_size, default_log_prefix, log_base_dir);
+        if (PathMerge(out, out_size, default_log_prefix, log_base_dir) < 0)
+            return -1;
     }
+    return 0;
 }
 
 static bool InitFilestoreDirectory(const char *dir)
@@ -420,7 +424,10 @@ static OutputInitResult OutputFilestoreLogInitCtx(SCConfNode *conf)
     }
 
     char log_directory[PATH_MAX] = "";
-    GetLogDirectory(conf, log_directory, sizeof(log_directory));
+    if (GetLogDirectory(conf, log_directory, sizeof(log_directory)) < 0) {
+        SCLogError("File-store output path too long.");
+        return result;
+    }
     if (!InitFilestoreDirectory(log_directory)) {
         return result;
     }