fix(targa): Fix TGA2 footer signature truncation by using strncpy

[bobtista]

• Follow up for fix: Replace strcpy with strlcpy to prevent potential buffer overflows #1808
• Fixes Refactor strlcpy for strcpy with a static_assert where possible in WWVegas #1828

PR 1808 fixed most of this issue, but this PR addresses a remaining item

strlcpy was used to write the 16-byte TGA 2.0 footer signature "TRUEVISION-XFILE" into footer.Signature[16]. Because strlcpy always null-terminates, it could only copy 15 characters before writing \0, silently truncating the last character of the signature field.

The Signature field is a fixed-size binary field per the TGA 2.0 spec — it is not null-terminated (reads confirm this by using strncmp(..., 16)). strncpy with n equal to the field size copies all 16 bytes without writing a null terminator, which is the correct behavior here. A static_assert is added to guarantee at compile time that the signature constant and the field are the same size.

This matches the behavior already in Core/Tools/WW3D/max2w3d/TARGA.cpp which uses strncpy(..., 16) for the same purpose.

[greptile-apps]

Greptile Summary

This PR fixes the TGA 2.0 footer signature write in Core/Libraries/Source/WWVegas/WWLib/TARGA.cpp — the previous strlcpy silently truncated the 16-byte "TRUEVISION-XFILE" field to 15 characters because strlcpy always null-terminates. The fix adds a compile-time static_assert to validate the size relationship and replaces the call with strncpy, which correctly copies all 16 bytes when n equals the source length. The unrelated strcpy → strlcpy hardening for SoftID is also a safe improvement.

Confidence Score: 5/5

Safe to merge — the fix is correct and the only remaining finding is a P2 style suggestion to use memcpy instead of strncpy to match the PR description.

All remaining findings are P2. The static_assert guarantees correctness at compile time, and strncpy behaves identically to memcpy in this specific case. No logic errors or regressions introduced.

No files require special attention.

Important Files Changed

Filename	Overview
Core/Libraries/Source/WWVegas/WWLib/TARGA.cpp	Fixes TGA2 footer signature truncation; adds a compile-time static_assert and switches strlcpy to strncpy — functionally correct, but uses strncpy instead of the memcpy stated in the PR title/description, which may trigger compiler warnings.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Targa::Save] --> B{addextension?}
    B -- yes --> C[Write TGA2Extension\nstrlcpy SoftID safe]
    B -- no --> D[footer.Extension = 0]
    C --> E[Write Footer]
    D --> E
    E --> F[static_assert: sizeof TGA2_SIGNATURE -1 == 16]
    F --> G[strncpy Signature 16 bytes\nno null terminator written]
    G --> H[Write footer.RsvdChar = '.'\nfooter.BZST = 0]
    H --> I[File_Write footer]

Loading

Prompt To Fix All With AI

This is a comment left during a code review.
Path: Core/Libraries/Source/WWVegas/WWLib/TARGA.cpp
Line: 739

Comment:
**`strncpy` vs `memcpy` — mismatch with PR description**

The PR title and description say the fix is "using `memcpy`", but the implementation uses `strncpy`. While `strncpy` is functionally correct here (the `static_assert` guarantees the source is exactly 16 chars, so no null is written into the field), `strncpy` can trigger `-Wstringop-truncation` compiler warnings when `n == strlen(src)`. Since `Signature` is a binary field with no null-terminator semantics, `memcpy` is the more idiomatic and warning-free choice.

```suggestion
			memcpy(footer.Signature, TGA2_SIGNATURE, sizeof(footer.Signature));
```

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (6): Last reviewed commit: "fix(targa): Use strlcpy with explicit si..." | Re-trigger Greptile}

[xezon]

The title and description need updating.

[bobtista]

The title and description need updating.

done