Fix potential buffer overflow in strncat()

When using clang/llvm 3.8 to compile flex, the following warning is emitted: main.c:378:27: warning: the value of the size argument in 'strncat' is too large, might lead to a buffer overflow [-Wstrncat-size] strncat(m4_path, m4, sizeof(m4_path)); ^~~~~~~~~~~~~~~ main.c:378:27: note: change the argument to be the free space in the destination buffer minus the terminating null byte strncat(m4_path, m4, sizeof(m4_path)); ^~~~~~~~~~~~~~~ sizeof(m4_path) - strlen(m4_path) - 1 Fix it up by using the solution proposed by the warning message.
author: Tobias Klauser <tklauser@distanz.ch> 2016-03-31 10:09:57 +0200
committer: Tobias Klauser <tklauser@distanz.ch> 2016-03-31 10:09:57 +0200
commit: babe9a1e8eeb5497756d4d7998dd1ca82c62a189 (patch)
tree: f3685efd0c44c4eab5b06962000d84a625e6105c /src/main.c
parent: c5d903dcda8aeba366026dcaeb866b067cbb0180 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/main.c b/src/main.c
index bc1a8bd..e0502d0 100644
--- a/src/main.c
+++ b/src/main.c
@@ -375,7 +375,7 @@ void check_options (void)
 					strncpy(m4_path, path, sizeof(m4_path));
 					m4_path[endOfDir-path] = '/';
 					m4_path[endOfDir-path+1] = '\0';
-					strncat(m4_path, m4, sizeof(m4_path));
+					strncat(m4_path, m4, sizeof(m4_path) - strlen(m4_path) - 1);
 					if (stat(m4_path, &sbuf) == 0 &&
 						(S_ISREG(sbuf.st_mode)) && sbuf.st_mode & S_IXUSR) {
 						m4 = strdup(m4_path);
author	Tobias Klauser <tklauser@distanz.ch>	2016-03-31 10:09:57 +0200
committer	Tobias Klauser <tklauser@distanz.ch>	2016-03-31 10:09:57 +0200
commit	babe9a1e8eeb5497756d4d7998dd1ca82c62a189 (patch)
tree	f3685efd0c44c4eab5b06962000d84a625e6105c /src/main.c
parent	c5d903dcda8aeba366026dcaeb866b067cbb0180 (diff)