cf-socket: tweak a memcpy() to read better

By checking the size of the actual buffer and using that as memcpy target instead of another union member, this helps readers and static code analyzers to determine that this is not a buffer overflow. Ref: #18677 Closes #18787
2026-04-11 12:01:42 +08:00 · 2025-09-26 14:10:30 +02:00 · 2025-09-26 14:10:30 +02:00 · e891b4195f
commit e891b4195f
parent bc37765466
2 changed files with 8 additions and 8 deletions
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@ -333,12 +333,11 @@ static CURLcode sock_assign_addr(struct Curl_sockaddr_ex *dest,
  }
  dest->addrlen = (unsigned int)ai->ai_addrlen;

-  if(dest->addrlen > sizeof(struct Curl_sockaddr_storage)) {
-    DEBUGASSERT(0);
+  DEBUGASSERT(dest->addrlen <= sizeof(dest->curl_sa_addrbuf));
+  if(dest->addrlen > sizeof(dest->curl_sa_addrbuf))
    return CURLE_TOO_LARGE;
-  }

-  memcpy(&dest->curl_sa_addr, ai->ai_addr, dest->addrlen);
+  memcpy(&dest->curl_sa_addrbuf, ai->ai_addr, dest->addrlen);
  return CURLE_OK;
 }

--- a/lib/cf-socket.h
+++ b/lib/cf-socket.h
@ -48,11 +48,12 @@ struct Curl_sockaddr_ex {
  int protocol;
  unsigned int addrlen;
  union {
-    struct sockaddr addr;
-    struct Curl_sockaddr_storage buff;
-  } _sa_ex_u;
+    struct sockaddr sa;
+    struct Curl_sockaddr_storage buf;
+  } addr;
 };
-#define curl_sa_addr _sa_ex_u.addr
+#define curl_sa_addr addr.sa
+#define curl_sa_addrbuf addr.buf

 /*
 * Parse interface option, and return the interface name and the host part.