From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
To: ~lattis/muon@lists.sr.ht
Cc: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
Subject: [PATCH] build_target: Fix possible out-of-bounds egde case
Date: Sun, 20 Nov 2022 22:23:33 +0100
Message-Id: <20221120212332.3783571-1-arsen@aarsen.me>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Detected on Tinderbox with FORTIFY_SOURCE=3.

Bug: https://bugs.gentoo.org/882295
---
Hey there,

The Tinderbox spotted a potential error in determine_target_build_name while
running tests.  I traced it back to a bad concat, fix included.

Tested on x86_64-pc-linux-gnu, though I'm unsure if I got all the
configurations or if the contract of the function is still fulfilled following
this change (but it appears to be to me).

Thanks in advance, and have a great night!

 src/functions/kernel/build_target.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/functions/kernel/build_target.c b/src/functions/kernel/build_target.c
index 07b20e29..2ecc27c4 100644
--- a/src/functions/kernel/build_target.c
+++ b/src/functions/kernel/build_target.c
@@ -307,7 +307,6 @@ determine_target_build_name(struct workspace *wk, struct obj_build_target *tgt,
 	obj name_pre, obj name_suff, char plain_name[BUF_SIZE_2k])
 {
 	const char *pref, *suff, *ver_suff = NULL;
-	uint32_t i;
 
 	switch (tgt->type) {
 	case tgt_executable:
@@ -341,10 +340,7 @@ determine_target_build_name(struct workspace *wk, struct obj_build_target *tgt,
 		suff = get_cstr(wk, name_suff);
 	}
 
-	i = snprintf(plain_name, BUF_SIZE_2k, "%s%s", pref, get_cstr(wk, tgt->name));
-	if (suff) {
-		snprintf(&plain_name[i], BUF_SIZE_2k, ".%s", suff);
-	}
+	snprintf(plain_name, BUF_SIZE_2k, "%s%s%s%s", pref, get_cstr(wk, tgt->name), suff ? "." : "", suff ? suff : "");
 
 	tgt->build_name = make_strf(wk, "%s%s%s", plain_name, ver_suff ? "." : "", ver_suff ? ver_suff : "");
 	return true;
-- 
2.38.1