From a5de9968dd7663836bd554ead121c7c83409c79d Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Tue, 24 Apr 2018 12:01:40 +0200
Subject: [PATCH] gcc8: fix format truncation warnings

---
 src/app-layer-dcerpc.c |  2 +-
 src/log-filestore.c    | 54 ++++++++++++++++++++++++++----------------
 src/log-pcap.c         | 14 +++++++----
 src/log-tlsstore.c     | 19 +++++++--------
 src/util-runmodes.c    | 11 +++++----
 5 files changed, 59 insertions(+), 41 deletions(-)

diff --git a/src/app-layer-dcerpc.c b/src/app-layer-dcerpc.c
index 8821ac2f82..60e4950398 100644
--- a/src/app-layer-dcerpc.c
+++ b/src/app-layer-dcerpc.c
@@ -92,7 +92,7 @@ void hexdump(/*Flow *f,*/ const void *buf, size_t len)
     unsigned char c;
     size_t n;
     char bytestr[4] = {0};
-    char addrstr[10] = {0};
+    char addrstr[17] = {0};
     char hexstr[ 16*3 + 5] = {0};
     char charstr[16*1 + 5] = {0};
     for (n=1; n<=len; n++) {
diff --git a/src/log-filestore.c b/src/log-filestore.c
index b2307861d9..7f1f2484b9 100644
--- a/src/log-filestore.c
+++ b/src/log-filestore.c
@@ -221,8 +221,10 @@ static void LogFilestoreLogCreateMetaFile(const Packet *p, const File *ff, char
         return;
 
     char metafilename[PATH_MAX] = "";
-    snprintf(metafilename, sizeof(metafilename), "%s.meta%s", base_filename,
-            g_working_file_suffix);
+    if (snprintf(metafilename, sizeof(metafilename), "%s.meta%s", base_filename,
+            g_working_file_suffix) == sizeof(metafilename))
+        return;
+
     FILE *fp = fopen(metafilename, "w+");
     if (fp != NULL) {
         char timebuf[64];
@@ -297,14 +299,18 @@ static void LogFilestoreLogCloseMetaFile(const File *ff)
     if (FileIncludePid())
         snprintf(pid_expression, sizeof(pid_expression), ".%d", getpid());
     char final_filename[PATH_MAX] = "";
-    snprintf(final_filename, sizeof(final_filename), "%s/file%s.%u",
-            g_logfile_base_dir, pid_expression, ff->file_store_id);
+    if (snprintf(final_filename, sizeof(final_filename), "%s/file%s.%u",
+            g_logfile_base_dir, pid_expression, ff->file_store_id) == sizeof(final_filename))
+        return;
     char final_metafilename[PATH_MAX] = "";
-    snprintf(final_metafilename, sizeof(final_metafilename),
-            "%s.meta", final_filename);
+    if (snprintf(final_metafilename, sizeof(final_metafilename),
+            "%s.meta", final_filename) == sizeof(final_metafilename))
+        return;
     char working_metafilename[PATH_MAX] = "";
-    snprintf(working_metafilename, sizeof(working_metafilename),
-            "%s%s", final_metafilename, g_working_file_suffix);
+    if (snprintf(working_metafilename, sizeof(working_metafilename),
+            "%s%s", final_metafilename, g_working_file_suffix) == sizeof(working_metafilename))
+        return;
+
     FILE *fp = fopen(working_metafilename, "a");
     if (fp != NULL) {
 #ifdef HAVE_MAGIC
@@ -365,11 +371,14 @@ static void LogFilestoreFinalizeFiles(const File *ff) {
     if (FileIncludePid())
         snprintf(pid_expression, sizeof(pid_expression), ".%d", getpid());
     char final_filename[PATH_MAX] = "";
-    snprintf(final_filename, sizeof(final_filename), "%s/file%s.%u",
-            g_logfile_base_dir, pid_expression, ff->file_store_id);
+    if (snprintf(final_filename, sizeof(final_filename), "%s/file%s.%u",
+            g_logfile_base_dir, pid_expression, ff->file_store_id) == sizeof(final_filename))
+        return;
     char working_filename[PATH_MAX] = "";
-    snprintf(working_filename, sizeof(working_filename), "%s%s",
-            final_filename, g_working_file_suffix);
+    if (snprintf(working_filename, sizeof(working_filename), "%s%s",
+            final_filename, g_working_file_suffix) == sizeof(working_filename))
+           return;
+
     if (rename(working_filename, final_filename) != 0) {
         SCLogWarning(SC_WARN_RENAMING_FILE, "renaming file %s to %s failed",
                 working_filename, final_filename);
@@ -378,11 +387,14 @@ static void LogFilestoreFinalizeFiles(const File *ff) {
     if (FileWriteMeta()) {
         LogFilestoreLogCloseMetaFile(ff);
         char final_metafilename[PATH_MAX] = "";
-        snprintf(final_metafilename, sizeof(final_metafilename),
-                "%s.meta", final_filename);
+        if (snprintf(final_metafilename, sizeof(final_metafilename),
+                "%s.meta", final_filename) == sizeof(final_metafilename))
+            return;
         char working_metafilename[PATH_MAX] = "";
-        snprintf(working_metafilename, sizeof(working_metafilename),
-                "%s%s", final_metafilename, g_working_file_suffix);
+        if (snprintf(working_metafilename, sizeof(working_metafilename),
+                "%s%s", final_metafilename, g_working_file_suffix) == sizeof(working_metafilename))
+            return;
+
         if (rename(working_metafilename, final_metafilename) != 0) {
             SCLogWarning(SC_WARN_RENAMING_FILE,
                     "renaming metafile %s to %s failed", working_metafilename,
@@ -419,10 +431,12 @@ static int LogFilestoreLogger(ThreadVars *tv, void *thread_data, const Packet *p
     if (FileIncludePid())
         snprintf(pid_expression, sizeof(pid_expression), ".%d", getpid());
     char base_filename[PATH_MAX] = "";
-    snprintf(base_filename, sizeof(base_filename), "%s/file%s.%u",
-            g_logfile_base_dir, pid_expression, ff->file_store_id);
-    snprintf(filename, sizeof(filename), "%s%s", base_filename,
-            g_working_file_suffix);
+    if (snprintf(base_filename, sizeof(base_filename), "%s/file%s.%u",
+            g_logfile_base_dir, pid_expression, ff->file_store_id) == sizeof(base_filename))
+        return -1;
+    if (snprintf(filename, sizeof(filename), "%s%s", base_filename,
+            g_working_file_suffix) == sizeof(filename))
+        return -1;
 
     if (flags & OUTPUT_FILEDATA_FLAG_OPEN) {
         aft->file_cnt++;
diff --git a/src/log-pcap.c b/src/log-pcap.c
index c71ad07b71..dacae667c3 100644
--- a/src/log-pcap.c
+++ b/src/log-pcap.c
@@ -618,7 +618,9 @@ static TmEcode PcapLogInitRingBuffer(PcapLogData *pl)
             goto fail;
         }
         char path[PATH_MAX];
-        snprintf(path, PATH_MAX - 1, "%s/%s", pattern, entry->d_name);
+        if (snprintf(path, PATH_MAX, "%s/%s", pattern, entry->d_name) == PATH_MAX)
+            goto fail;
+
         if ((pf->filename = SCStrdup(path)) == NULL) {
             goto fail;
         }
@@ -1245,14 +1247,18 @@ static int PcapLogOpenFileCtx(PcapLogData *pl)
             goto error;
         }
 
+        int written;
         if (pl->timestamp_format == TS_FORMAT_SEC) {
-            snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32, dirfull,
+            written = snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32, dirfull,
                      pl->prefix, (uint32_t)ts.tv_sec);
         } else {
-            snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32 ".%" PRIu32,
+            written = snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32 ".%" PRIu32,
                      dirfull, pl->prefix, (uint32_t)ts.tv_sec, (uint32_t)ts.tv_usec);
         }
-
+        if (written == PATH_MAX) {
+            SCLogError(SC_ERR_SPRINTF,"log-pcap path overflow");
+            goto error;
+        }
     } else if (pl->mode == LOGMODE_NORMAL) {
         int ret;
         /* create the filename to use */
diff --git a/src/log-tlsstore.c b/src/log-tlsstore.c
index 614fc59f65..8ada7bcbad 100644
--- a/src/log-tlsstore.c
+++ b/src/log-tlsstore.c
@@ -69,25 +69,22 @@ typedef struct LogTlsStoreLogThread_ {
     size_t     enc_buf_len;
 } LogTlsStoreLogThread;
 
-static int CreateFileName(const Packet *p, SSLState *state, char *filename)
+static int CreateFileName(const Packet *p, SSLState *state, char *filename, size_t filename_size)
 {
-#define FILELEN 64  //filename len + extention + ending path / + some space
-
-    int filenamelen = FILELEN + strlen(tls_logfile_base_dir);
+    char path[PATH_MAX];
     int file_id = SC_ATOMIC_ADD(cert_id, 1);
 
-    if (filenamelen + 1 > PATH_MAX) {
-        return 0;
-    }
-
     /* Use format : packet time + incremental ID
      * When running on same pcap it will overwrite
      * On a live device, we will not be able to overwrite */
-    snprintf(filename, filenamelen, "%s/%ld.%ld-%d.pem",
+    if (snprintf(path, sizeof(path), "%s/%ld.%ld-%d.pem",
              tls_logfile_base_dir,
              (long int)p->ts.tv_sec,
              (long int)p->ts.tv_usec,
-             file_id);
+             file_id) == sizeof(path))
+        return 0;
+
+    strlcpy(filename, path, filename_size);
     return 1;
 }
 
@@ -108,7 +105,7 @@ static void LogTlsLogPem(LogTlsStoreLogThread *aft, const Packet *p, SSLState *s
     if (TAILQ_EMPTY(&state->server_connp.certs))
         SCReturn;
 
-    CreateFileName(p, state, filename);
+    CreateFileName(p, state, filename, sizeof(filename));
     if (strlen(filename) == 0) {
         SCLogWarning(SC_ERR_FOPEN, "Can't create PEM filename");
         SCReturn;
diff --git a/src/util-runmodes.c b/src/util-runmodes.c
index 19b15e2811..fae864f864 100644
--- a/src/util-runmodes.c
+++ b/src/util-runmodes.c
@@ -58,24 +58,25 @@
  */
 char *RunmodeAutoFpCreatePickupQueuesString(int n)
 {
-    char *queues = NULL;
+    if (n > 1024)
+        return NULL;
+
     /* 13 because pickup12345, = 12 + \0 */
     size_t queues_size = n * 13;
-    int thread;
     char qname[TM_QUEUE_NAME_MAX];
 
-    queues = SCMalloc(queues_size);
+    char *queues = SCMalloc(queues_size);
     if (unlikely(queues == NULL)) {
         SCLogError(SC_ERR_MEM_ALLOC, "failed to alloc queues buffer: %s", strerror(errno));
         return NULL;
     }
     memset(queues, 0x00, queues_size);
 
-    for (thread = 0; thread < n; thread++) {
+    for (int thread = 0; thread < n; thread++) {
         if (strlen(queues) > 0)
             strlcat(queues, ",", queues_size);
 
-        snprintf(qname, sizeof(qname), "pickup%d", thread+1);
+        snprintf(qname, sizeof(qname), "pickup%d", (int16_t)thread+1);
         strlcat(queues, qname, queues_size);
     }