From 0267eb64fa88a9de75da80d97a55f0beb1bc50e3 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 5 Aug 2024 01:39:18 -0700
Subject: [PATCH] Check for snprintf truncation on W32

* src/main.c (find_and_set_default_shell) [MK_OS_W32]:
Do not use a buffer that snprintf truncated.
---
 src/main.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/main.c b/src/main.c
index e8d19382..78084d09 100644
--- a/src/main.c
+++ b/src/main.c
@@ -1080,12 +1080,15 @@ find_and_set_default_shell (const char *token)
 
           while (ep && *ep)
             {
+              int sh_pathlen;
               PATH_VAR (sh_path);
 
               *ep = '\0';
 
-              snprintf (sh_path, GET_PATH_MAX, "%s/%s", p, search_token);
-              if (_access (sh_path, 0) == 0)
+              sh_pathlen = snprintf (sh_path, GET_PATH_MAX, "%s/%s",
+                                     p, search_token);
+              if (0 <= sh_pathlen && sh_pathlen < GET_PATH_MAX
+                  && _access (sh_path, 0) == 0)
                 {
                   default_shell = xstrdup (w32ify (sh_path, 0));
                   sh_found = 1;
@@ -1106,9 +1109,13 @@ find_and_set_default_shell (const char *token)
           /* be sure to check last element of Path */
           if (p && *p)
             {
+              int sh_pathlen;
+
               PATH_VAR (sh_path);
-              snprintf (sh_path, GET_PATH_MAX, "%s/%s", p, search_token);
-              if (_access (sh_path, 0) == 0)
+              sh_pathlen = snprintf (sh_path, GET_PATH_MAX, "%s/%s",
+                                     p, search_token);
+              if (0 <= sh_pathlen && sh_pathlen < GET_PATH_MAX
+                  && _access (sh_path, 0) == 0)
                 {
                   default_shell = xstrdup (w32ify (sh_path, 0));
                   sh_found = 1;