From 63fc900ba282437b96868103f1eb7db9ee7f482c Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Mon, 9 May 2022 21:14:04 +0200 Subject: [PATCH] BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-( ... or how a bogus warning forces you to do tricky changes in your code and fail on a length test condition! Fortunately it changed in the right direction that immediately broke, due to a missing "> sizeof(path)" that had to be added to the already ugly condition. This fixes recent commit 393e42ae5 ("BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation"). It may have to be backported if that one is backported. --- src/ssl_crtlist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c index f43982f4d..56d2bc4c9 100644 --- a/src/ssl_crtlist.c +++ b/src/ssl_crtlist.c @@ -537,7 +537,7 @@ int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *cu if (*crt_path != '/' && global_ssl.crt_base) { if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > sizeof(path) || - snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path)) { + snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path) > sizeof(path)) { memprintf(err, "parsing [%s:%d]: '%s' : path too long", file, linenum, crt_path); cfgerr |= ERR_ALERT | ERR_FATAL;