libpcap has traditionally generated error message strings by formatting into a fixed-length buffer of size PCAP_ERRBUF_SIZE (or PCAP_ERRBUF_SIZE + 1).
This causes -Wformat-truncation warnings to be generated by GCC, Clang, and maybe other compilers.
We should, instead, generate dynamically-allocated error messages using pcapint_asprintf(), have a new API routine to fetch the arbitrary-length message (callers of pcap_geterr() may expect the string it returns to fit in PCAP_ERRBUF_SIZE bytes, even though it's not documented as doing that), and have pcap_geterr() and pcap_perror() truncate that to fit in PCAP_ERRBUF_SIZE and not to truncate in the middle of a UTF-8 sequence.
That routine will be defined to return UTF-8 error messages; callers who want some other character encoding, for any reason, must do the translation themselves.
That's straightforward for messages fetched from the pcap_t - have a char * variable that points to the last error message generated, initialize it to NULL when a pcap_t is allocated, and have routines that are passed a pointer to a char * (similar to pcapint_asprintf()) and that free whatever that char * points to before overwriting the char * with a pointer to the new message, and change pcapint_fmt_errmsg_for_errno() and pcapint_fmt_errmsg_for_win32_err() to work similarly.
It's a bit more work for routines such as pcap_create() that are passed pointers to fixed-length buffers; that will require replacements for those routines.
See #1543, #1029, and places in the code for which there aren't issues but there are DIAG_OFF_FORMAT_TRUNCATION calls to suppress the warnings.
libpcap has traditionally generated error message strings by formatting into a fixed-length buffer of size
PCAP_ERRBUF_SIZE(orPCAP_ERRBUF_SIZE + 1).This causes
-Wformat-truncationwarnings to be generated by GCC, Clang, and maybe other compilers.We should, instead, generate dynamically-allocated error messages using
pcapint_asprintf(), have a new API routine to fetch the arbitrary-length message (callers ofpcap_geterr()may expect the string it returns to fit inPCAP_ERRBUF_SIZEbytes, even though it's not documented as doing that), and havepcap_geterr()andpcap_perror()truncate that to fit inPCAP_ERRBUF_SIZEand not to truncate in the middle of a UTF-8 sequence.That routine will be defined to return UTF-8 error messages; callers who want some other character encoding, for any reason, must do the translation themselves.
That's straightforward for messages fetched from the
pcap_t- have achar *variable that points to the last error message generated, initialize it toNULLwhen apcap_tis allocated, and have routines that are passed a pointer to achar *(similar topcapint_asprintf()) and that free whatever thatchar *points to before overwriting thechar *with a pointer to the new message, and changepcapint_fmt_errmsg_for_errno()andpcapint_fmt_errmsg_for_win32_err()to work similarly.It's a bit more work for routines such as
pcap_create()that are passed pointers to fixed-length buffers; that will require replacements for those routines.See #1543, #1029, and places in the code for which there aren't issues but there are
DIAG_OFF_FORMAT_TRUNCATIONcalls to suppress the warnings.