Skip to content

Fix compiler warnings and potential overflows in cecc-client and libcec#708

Open
heitbaum wants to merge 7 commits intoPulse-Eight:masterfrom
heitbaum:warning
Open

Fix compiler warnings and potential overflows in cecc-client and libcec#708
heitbaum wants to merge 7 commits intoPulse-Eight:masterfrom
heitbaum:warning

Conversation

@heitbaum
Copy link
Copy Markdown
Contributor

@heitbaum heitbaum commented Apr 19, 2026

Fixes a series of compiler warnings across cecc-client.c, AdapterFactory.cpp,
and CECClient.cpp.

  • Use snprintf instead of strncpy for fixed-buffer copies in FindAdapters
  • Use snprintf instead of strncpy in CCECClient::SetOSDName
  • Initialise strLevel in default case of cb_cec_log_message
  • Fix unused variable and discarded value warnings in cec_process_console_command
  • Replace strcpy with snprintf when copying into g_strPort
  • Use sizeof instead of magic number 13 in snprintf for strDeviceName
  • Suppress -Wformat-truncation at intentional snprintf truncation sites

issues were found when compiling on Ubuntu 26.04 with gcc-16

heitbaum added 7 commits April 18, 2026 22:26
@heitbaum
Use snprintf instead of strncpy for fixed-buffer copies in FindAdapters
ceda23d 
strncpy does not guarantee null-termination when the source length meets
or exceeds the destination size. comm and path are fixed 1024-byte buffers
in cec_adapter, making snprintf the correct tool — it always null-terminates
and handles truncation safely. Fixes -Wstringop-truncation warnings.
@heitbaum
Use snprintf instead of strncpy in CCECClient::SetOSDName
7b90567 
strDeviceName is copied into a fixed-size intermediate buffer and then
into m_configuration.strDeviceName. snprintf always null-terminates,
making the zero-initialisation of buf unnecessary. Fixes
-Wstringop-truncation warnings.
@heitbaum
Initialise strLevel in default case of cb_cec_log_message
15c63dd 
The default branch left strLevel uninitialised, causing undefined
behaviour if an unknown log level was passed. Fixes
-Wmaybe-uninitialized warning.
@heitbaum
Fix unused variable and discarded value warnings in cec_process_conso…
cc12bcb 
…le_command

buflen was computed but never used. The || dispatch chain's
return value was discarded; wrapped in (void) cast to make the
short-circuit-for-side-effects intent explicit. Fixes
-Wunused-but-set-variable and -Wunused-value warnings.
@heitbaum
Replace strcpy with snprintf when copying into g_strPort
2e0dbba 
g_strPort is only 50 bytes. In cec_process_command_line_arguments,
argv strings are unbounded; in main, devices[0].comm is a 1024-byte
buffer. Both strcpy calls risked overflow if the comm port name
exceeded 49 characters. Replaced with snprintf bounded to
sizeof(g_strPort).
@heitbaum
Use sizeof instead of magic number 13 in snprintf for strDeviceName
9a13010 
sizeof(g_config.strDeviceName) keeps the bound tied to the struct
definition rather than a hard-coded value.
@heitbaum
Suppress -Wformat-truncation at intentional snprintf truncation sites
6813f3f 
Truncation into fixed-size destination buffers is intentional.
GCC diagnostic pragmas suppress the warning at each call site.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@heitbaum