X-Git-Url: http://www.privoxy.org/gitweb/templates.html?a=blobdiff_plain;f=gateway.c;h=f2cc2ee1bda9e9f07259235f55c8a8d1e52812b0;hb=5ce142f1bb90296b514f2f1ef25127adb592cd59;hp=a842c07dec2e61205f24451178e1d31025ca9c26;hpb=c31f248a0ca2bf24ef486188c61c31ff5145626e;p=privoxy.git

diff --git a/gateway.c b/gateway.c
index a842c07d..f2cc2ee1 100644
--- a/gateway.c
+++ b/gateway.c
@@ -6,7 +6,7 @@
  *                using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4
  *                or SOCKS5 proxy).
  *
- * Copyright   :  Written by and Copyright (C) 2001-2021 the
+ * Copyright   :  Written by and Copyright (C) 2001-2023 the
  *                Privoxy team. https://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
@@ -837,7 +837,13 @@ static jb_socket socks4_connect(const struct forward_spec *fwd,
 
    /* build a socks request for connection to the web server */
 
-   strlcpy(&(c->userid), socks_userid, sizeof(buf) - sizeof(struct socks_op));
+   /*
+    * The more straightforward &(c->userid) destination pointer can
+    * cause some gcc versions to misidentify the size of the destination
+    * buffer, tripping the runtime check of glibc's source fortification.
+    */
+   strlcpy(buf + offsetof(struct socks_op, userid), socks_userid,
+      sizeof(buf) - sizeof(struct socks_op));
 
    csiz = sizeof(*c) + sizeof(socks_userid) - sizeof(c->userid) - sizeof(c->padding);