From c45fabdb6df2c585f1c6fd5fc7618cd72d929120 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Canna=C3=B2?= Date: Mon, 9 Feb 2026 09:55:44 +0100 Subject: [PATCH] fix: correct macOS executable SHA1 implementation - Use strlen(buff) for actual path length instead of bufsize (_NSGetExecutablePath does not modify bufsize on success) - Add explicit null-termination after strncpy for safety - Pass sizeof(buff) instead of sizeof(buff)-1 to _NSGetExecutablePath Addresses review feedback from gemini-code-assist. --- src/main.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main.cpp b/src/main.cpp index bc3b48453..176579b90 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -3012,15 +3012,15 @@ int main(int argc, const char * argv[]) { char buff[PATH_MAX+1]; ssize_t len = -1; #if defined(__APPLE__) - uint32_t bufsize = sizeof(buff) - 1; + uint32_t bufsize = sizeof(buff); if (_NSGetExecutablePath(buff, &bufsize) == 0) { - len = bufsize; // Resolve symlinks to get the real path char resolved[PATH_MAX]; if (realpath(buff, resolved) != NULL) { strncpy(buff, resolved, sizeof(buff) - 1); - len = strlen(buff); + buff[sizeof(buff) - 1] = '\0'; } + len = strlen(buff); } #elif defined(__FreeBSD__) len = readlink("/proc/curproc/file", buff, sizeof(buff)-1);