[PATCH] cpukit/mghttpd/mongoose: Fix format truncation warning

Aschref Ben-Thabet aschref.ben-thabet at embedded-brains.de
Tue Sep 15 09:06:15 UTC 2020 

From: Aschref Ben Thabet <aschref.ben-thabet at embedded-brains.de>

Taking care of the size of buffer to be copied and replace the unsafe
snprintf() with memcpy().
The reason why we get a warning on sprintf() is because memcpy() has a
length parameter that limits how much memory you copy.
For memcpy(), the input has to be terminated with a \0. If not, it will
continue out of bounds.
---
 cpukit/mghttpd/mongoose.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/cpukit/mghttpd/mongoose.c b/cpukit/mghttpd/mongoose.c
index fb2bce7471..6db0bdb58e 100644
--- a/cpukit/mghttpd/mongoose.c
+++ b/cpukit/mghttpd/mongoose.c
@@ -251,7 +251,7 @@ typedef struct DIR {
 #define INT64_FMT PRId64
 typedef int SOCKET;
 #define WINCDECL
-
+#define MIN(a, b)((a) < (b) ? (a) : (b))
 #endif // End of Windows and UNIX specific includes
 
 #ifndef HAVE_POLL
@@ -1916,12 +1916,24 @@ static void convert_uri_to_file_name(struct mg_connection *conn, char *buf,
   // we can only do this if the browser declares support
   if ((accept_encoding = mg_get_header(conn, "Accept-Encoding")) != NULL) {
     if (strstr(accept_encoding,"gzip") != NULL) {
-      snprintf(gz_path, sizeof(gz_path), "%s.gz", buf);
-      if (mg_stat(conn, gz_path, filep)) {
-        filep->gzipped = 1;
-        return;
+      memcpy(gz_path, buf, MIN(strlen(buf) + 1, sizeof(gz_path)));
+      if (strlen(buf) > sizeof(gz_path) - 1)
+       strlcpy(gz_path + strlen(gz_path), ".gz", sizeof(gz_path) - strlen(gz_path));
+      /* else //to be reviewed /
+      {
+      //memory allocation for gz.path with buf_size + .gz
+       mount_path = malloc(strlen(buf) + 1 + sizeof(gz_path);
+       if (mount_path != NULL))
+        strlcpy(mount_path, ".gz", sizeof(mount_path));
+      }
+          snprintf(gz_path, sizeof(gz_path), "%s.gz", buf*)
+*/
+      if (mg_stat(conn, gz_path, filep))
+        {
+          filep->gzipped = 1;
+          return;
+        }
       }
-    }
   }
 
   // Support PATH_INFO for CGI scripts.
-- 
2.26.2

More information about the devel mailing list