[groff] 50/75: src/roff/troff/input.cpp: Size a buffer better.

Fri, 19 Dec 2025 15:16:21 -0800 

gbranden pushed a commit to branch master
in repository groff.

commit c3421fdc8c6f5ceeccca5de6281e9a029420318a
Author: G. Branden Robinson <[email protected]>
AuthorDate: Thu Dec 18 15:13:05 2025 -0600

    src/roff/troff/input.cpp: Size a buffer better.
    
    * src/roff/troff/input.cpp (token::description): Size the buffer housing
      the node description more scrupulously, avoiding potential string
      truncation.
    
    Fixes problem introduced by me in commit 1fb72c15e6, 3 December.
    
    ../src/roff/troff/input.cpp: In member function ‘const char* 
token::description()’:
    ../src/roff/troff/input.cpp:3025:38: warning: ‘ token’ directive output may 
be truncated writing 6 bytes into a region of size between 1 and 47 
[-Wformat-truncation=]
     3025 |       (void) snprintf(buf, bufsz, "%s token", nodebuf);
          |                                      ^~~~~~
    ../src/roff/troff/input.cpp:3025:22: note: ‘snprintf’ output between 7 and 
53 bytes into a destination of size 47
     3025 |       (void) snprintf(buf, bufsz, "%s token", nodebuf);
          |              ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---
 ChangeLog                | 8 ++++++++
 src/roff/troff/input.cpp | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index b76ded752..0d5a12e66 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2025-12-18  G. Branden Robinson <[email protected]>
+
+       * src/roff/troff/input.cpp (token::description): Size the buffer
+       housing the node description more scrupulously, avoiding
+       potential string truncation.
+
+       Fixes problem introduced by me in commit 1fb72c15e6, 3 December.
+
 2025-12-18  G. Branden Robinson <[email protected]>
 
        * src/utils/xtotroff/xtotroff.c (main): Fix thinko in fprintf(3)
diff --git a/src/roff/troff/input.cpp b/src/roff/troff/input.cpp
index b8a21a7f7..d9099803f 100644
--- a/src/roff/troff/input.cpp
+++ b/src/roff/troff/input.cpp
@@ -3019,7 +3019,7 @@ const char *token::description()
     return "a newline";
   case TOKEN_NODE:
     {
-      static char nodebuf[bufsz];
+      static char nodebuf[bufsz - (sizeof " token")];
       (void) strcpy(nodebuf, "an undescribed node");
       describe_node(nodebuf, bufsz);
       (void) snprintf(buf, bufsz, "%s token", nodebuf);

_______________________________________________
groff-commit mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/groff-commit

Reply via email to