From d1481af94e5e540b863d43c4cc8ddafb0147d1aa Mon Sep 17 00:00:00 2001 From: Jason Ish Date: Sat, 25 Apr 2026 16:56:46 +0200 Subject: [PATCH] ssl: convert memcpy to strlcpy to avoid flto issue When using ASAN, flto=auto and compiling on a platform that supports AVX-512, this memcpy is optimized as its exactly 64 bytes. However, when using ASAN, there is a fake stack that may not be 64 bytes aligned, and this AVX write lands on an unaligned byte, causing a crash. Use strlcpy avoids this optimization as it needs to find the NUL byte. --- src/detect-ssl-state.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/detect-ssl-state.c b/src/detect-ssl-state.c index acee62a2b0..fa89135439 100644 --- a/src/detect-ssl-state.c +++ b/src/detect-ssl-state.c @@ -268,7 +268,7 @@ static DetectSslStateData *DetectSslStateParse(const char *arg) goto error; } - memcpy(str1, str2, sizeof(str1)); + strlcpy(str1, str2, sizeof(str1)); pcre2_match_data_free(match2); }