In file included from /usr/include/string.h:519,
from wsdd.h:30,
from wsdd2.c:23:
In function ‘strncpy’,
inlined from ‘open_ep’ at wsdd2.c:396:3:
/usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ output may be truncated copying 15 bytes from a string of length 15 [-Wstringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'm not sure if this is the best approach or if a fix is even necessary as this would only lead to a problem if ep->ifname has exactly IFNAMSIZ-1 characters followed by the terminating 0 character:
Adding the debian CFLAGS option in the Makefile for improved security
results in a warning from the strncpy call here https://github.com/Andy2244/wsdd2/blob/3b2a6a476b47822e7231a0f209c725489da50801/wsdd2.c#L396
Context of the reported error: https://github.com/Andy2244/wsdd2/blob/3b2a6a476b47822e7231a0f209c725489da50801/wsdd2.c#L393-L404
ifr.ifr_name
is of sizeIFNAMSIZ
and assumingep->ifname
also a size ofIFNAMSIZ
.The call should be
Reference https://en.cppreference.com/w/c/string/byte/strncpy
I'm not sure if this is the best approach or if a fix is even necessary as this would only lead to a problem if
ep->ifname
has exactlyIFNAMSIZ-1
characters followed by the terminating 0 character:Example: http://cpp.sh/6xxiz