From 981f902138ec61188c64050feab0904dcaa1b07d Mon Sep 17 00:00:00 2001
From: Victor Julien <vjulien@oisf.net>
Date: Wed, 24 Sep 2025 09:04:09 +0200
Subject: [PATCH] app-layer/smtp: address format truncation warning

This appears to be a FP. Work around it to allow for using this warning
as an error.

Limit scheme lenght to < 256 as well.

app-layer-smtp.c: In function 'SMTPConfigure':
app-layer-smtp.c:371:69: warning: 'snprintf' output may be truncated before the last format character [-Wformat-truncation=]
  371 |                     int r = snprintf(new_val, scheme_len + 1, "%s://", scheme->val);
      |                                                                     ^
app-layer-smtp.c:371:29: note: 'snprintf' output 4 or more bytes (assuming 5) into a destination of size 4
  371 |                     int r = snprintf(new_val, scheme_len + 1, "%s://", scheme->val);
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ticket: #7905.
---
 src/app-layer-smtp.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c
index a0136ed201..2329aa3f85 100644
--- a/src/app-layer-smtp.c
+++ b/src/app-layer-smtp.c
@@ -359,19 +359,20 @@ static void SMTPConfigure(void) {
 
             TAILQ_FOREACH (scheme, &extract_urls_schemes->head, next) {
                 size_t scheme_len = strlen(scheme->val);
-                if (scheme_len > UINT16_MAX - SCHEME_SUFFIX_LEN) {
-                    FatalError("Too long value for extract-urls-schemes");
+                if (scheme_len > UINT8_MAX - SCHEME_SUFFIX_LEN) {
+                    FatalError("extract-urls-schemes entry '%s' is too long", scheme->val);
                 }
                 if (scheme->val[scheme_len - 1] != '/') {
                     scheme_len += SCHEME_SUFFIX_LEN;
-                    char *new_val = SCMalloc(scheme_len + 1);
-                    if (unlikely(new_val == NULL)) {
-                        FatalError("SCMalloc failure.");
-                    }
-                    int r = snprintf(new_val, scheme_len + 1, "%s://", scheme->val);
+                    char tmp[256];
+                    int r = snprintf(tmp, sizeof(tmp), "%s://", scheme->val);
                     if (r != (int)scheme_len) {
                         FatalError("snprintf failure for SMTP url extraction scheme.");
                     }
+                    char *new_val = SCStrdup(tmp);
+                    if (unlikely(new_val == NULL)) {
+                        FatalError("extract-urls-schemes entry SCStrdup failure.");
+                    }
                     SCFree(scheme->val);
                     scheme->val = new_val;
                 }