From 840d372320c3ada6067a2e9027dd907c6c6b95b8 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Wed, 24 Sep 2025 09:55:52 +0200 Subject: [PATCH] log/tlsstore: improve path handling Use PathMerge. Address format truncation warnings. log-tlsstore.c: In function 'CreateFileName': log-tlsstore.c:68:9: warning: '%s' directive output may be truncated writing likely 1 or more bytes into a region of size between 0 and 4095 [-Wformat-truncation=] 68 | if (snprintf(path, sizeof(path), "%s/%s%ld.%ld-%d.pem", tls_logfile_base_dir, dir, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 69 | (long int)SCTIME_SECS(p->ts), (long int)SCTIME_USECS(p->ts), | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 70 | file_id) == sizeof(path)) | ~~~~~~~~ log-tlsstore.c:68:9: note: assuming directive output of 1 byte log-tlsstore.c:68:9: note: directive argument in the range [0, 17592186044415] log-tlsstore.c:68:9: note: directive argument in the range [0, 1048575] log-tlsstore.c:68:9: note: using the range [-2147483648, 2147483647] for directive argument log-tlsstore.c:68:9: note: 'snprintf' output 11 or more bytes (assuming 4126) into a destination of size 4096 Ticket: #7905. --- src/log-tlsstore.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/src/log-tlsstore.c b/src/log-tlsstore.c index e26f50a725..e14f8821cb 100644 --- a/src/log-tlsstore.c +++ b/src/log-tlsstore.c @@ -57,20 +57,19 @@ typedef struct LogTlsStoreLogThread_ { static int CreateFileName( const Packet *p, SSLState *state, char *filename, size_t filename_size, const bool client) { - char path[PATH_MAX]; + char file[PATH_MAX]; int file_id = SC_ATOMIC_ADD(cert_id, 1); - - const char *dir = client ? "client-" : ""; + const char *direction = client ? "client-" : ""; /* Use format : packet time + incremental ID * When running on same pcap it will overwrite * On a live device, we will not be able to overwrite */ - if (snprintf(path, sizeof(path), "%s/%s%ld.%ld-%d.pem", tls_logfile_base_dir, dir, - (long int)SCTIME_SECS(p->ts), (long int)SCTIME_USECS(p->ts), - file_id) == sizeof(path)) + if (snprintf(file, sizeof(file), "%s%ld.%ld-%d.pem", direction, (long int)SCTIME_SECS(p->ts), + (long int)SCTIME_USECS(p->ts), file_id) == sizeof(file)) return 0; - strlcpy(filename, path, filename_size); + if (PathMerge(filename, filename_size, tls_logfile_base_dir, file) < 0) + return 0; return 1; } @@ -419,8 +418,11 @@ static OutputInitResult LogTlsStoreLogInitCtx(SCConfNode *conf) strlcpy(tls_logfile_base_dir, s_base_dir, sizeof(tls_logfile_base_dir)); } else { - snprintf(tls_logfile_base_dir, sizeof(tls_logfile_base_dir), - "%s/%s", s_default_log_dir, s_base_dir); + if (PathMerge(tls_logfile_base_dir, sizeof(tls_logfile_base_dir), s_default_log_dir, + s_base_dir) < 0) { + LogTlsStoreLogDeInitCtx(output_ctx); + return result; + } } }