pkgsrc-Users archive
Misuse of strncpy in net/libfetch/files/http.c
Hi, everyone.
I just noticed the following warning from gcc when compiling libfetch:
In function 'http_parse_mtime',
    inlined from 'http_request' at http.c:1078:5:
http.c:532:2: warning: 'strncpy' specified bound 64 equals destination size [-Wstringop-truncation]
  strncpy(locale, setlocale(LC_TIME, NULL), sizeof(locale));
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Indeed the code looks like this:
static int
http_parse_mtime(const char *p, time_t *mtime)
{
	char locale[64], *r;
	struct tm tm;

	strncpy(locale, setlocale(LC_TIME, NULL), sizeof(locale));
	setlocale(LC_TIME, "C");
	r = strptime(p, "%a, %d %b %Y %H:%M:%S GMT", &tm);
	/* XXX should add support for date-2 and date-3 */
	setlocale(LC_TIME, locale);
	if (r == NULL)
		return (-1);
	*mtime = timegm(&tm);
	return (0);
}
Strncpy will leave locale not null-terminated if setlocale(LC_TIME, NULL) happens to return a string 64 characters long.
This is very unlikely, I guess, but clearly it's a typical misuse of strncpy which is mentioned in the man page of strlcpy:
$ man strlcpy
....
DESCRIPTION
The strlcpy() and strlcat() functions copy and concatenate strings with
the same input parameters and output result as snprintf(3). They are
designed to be safer, more consistent, and less error prone replacements
for the easily misused functions strncpy(3) and strncat(3)
Could someone fix it (I am not a pkgsrc committer)? By specifying "sizeof(locale)-1" or using snprintf, or actually strlcpy from pkgtools/nbcompat?
Thanks!
--
Aleksej Lebedev
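
The boundary case from the message above, as an added example that is not part of the original post or of libfetch: copy_strncpy reproduces the strncpy call with the bound equal to the buffer size, and copy_checked is one snprintf-based alternative that always terminates and reports truncation. The function names, LOCALE_BUF, save_lc_time and the 64-character locale name are assumptions constructed for the demonstration.

```c
#include <locale.h>
#include <stdio.h>
#include <string.h>

#define LOCALE_BUF 64	/* same size as locale[] in http_parse_mtime() */

/* Pattern from the post. Returns 1 if dst holds a NUL terminator, else 0. */
static int
copy_strncpy(char *dst, size_t dstsz, const char *src)
{
	memset(dst, 'X', dstsz);	/* poison so a missing NUL is detectable */
	strncpy(dst, src, dstsz);	/* bound == destination size */
	return (memchr(dst, '\0', dstsz) != NULL);
}

/* Always terminates; returns -1 if src did not fit, so the caller can
 * skip restoring a truncated (and therefore wrong) locale name. */
static int
copy_checked(char *dst, size_t dstsz, const char *src)
{
	int n = snprintf(dst, dstsz, "%s", src);
	return ((n < 0 || (size_t)n >= dstsz) ? -1 : 0);
}

/* Hypothetical helper: save the current LC_TIME name with the checked copy. */
static int
save_lc_time(char *dst, size_t dstsz)
{
	const char *cur = setlocale(LC_TIME, NULL);
	return (cur == NULL ? -1 : copy_checked(dst, dstsz, cur));
}

int
main(void)
{
	char buf[LOCALE_BUF], name64[LOCALE_BUF + 1];

	memset(name64, 'a', LOCALE_BUF);	/* constructed 64-character name */
	name64[LOCALE_BUF] = '\0';
	printf("strncpy terminated: %d\n", copy_strncpy(buf, sizeof(buf), name64));
	printf("checked copy:       %d\n", copy_checked(buf, sizeof(buf), name64));
	printf("save_lc_time:       %d (%s)\n", save_lc_time(buf, sizeof(buf)), buf);
	return (0);
}
```

A copy that terminates but silently truncates would still hand setlocale() a different locale name on restore, which is why copy_checked reports the truncation instead of hiding it.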