Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1932066
| Summary: | Cannot build with -Werror=stringop-truncation | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ben Beasley <code> | ||||
| Component: | libss7 | Assignee: | Ben Beasley <code> | ||||
| Status: | NEW --- | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | code, extras-orphan, itamar, jsmith.fedora | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | Type: | Bug | |||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component. Here is an example of the warnings about strncpy(). > In file included from /usr/include/string.h:519, > from isup.c:32: > In function 'strncpy', > inlined from 'isup_set_calling' at isup.c:2879:4, > inlined from 'isup_set_calling' at isup.c:2875:6: > /usr/include/bits/string_fortified.h:91:10: warning: 'strncpy' specified bound 64 equals destination size [-Wstringop-truncation] > 91 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > void isup_set_calling(struct isup_call *c, const char *calling, unsigned char calling_nai, unsigned char presentation_ind, unsigned char screening_ind) > { > if ((calling && calling[0]) || presentation_ind == SS7_PRESENTATION_ADDR_NOT_AVAILABLE) { > if (calling) { > strncpy(c->calling_party_num, calling, sizeof(c->calling_party_num)); > } else { > c->calling_party_num[0] = '\0'; > } > c->calling_nai = calling_nai; > c->presentation_ind = presentation_ind; > c->screening_ind = screening_ind; > } > } There are a number of similar warnings about strncpy() for other fields. In this case, the intent seems to be that the argument “calling” is copied into the struct field with null-termination, truncating any overlong string. But strncpy does not guarantee null-termination. It is likely that the code should have been something like: > if (calling) { > strncpy(c->calling_party_num, calling, sizeof(c->calling_party_num)); > c->calling_party_num[sizeof(c->calling_party_num) - 1U] = '\0'; > } else { ----- The other category of strncpy() warnings is like this: > In function 'strncpy', > inlined from 'isup_event_iam' at isup.c:4335:2: > /usr/include/bits/string_fortified.h:91:10: warning: 'strncpy' output may be truncated copying 50 bytes from a string of length 63 [-Wstringop-truncation] > 91 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ That comes from > strncpy(e->iam.called_party_num, c->called_party_num, sizeof(e->iam.called_party_num)); where e is an ss7_event discriminated union (from libss7.h), with the ss7_event_iam-type member active. That has “char called_party_num[50];”, which is indeed shorter than the called_party_num in “c”, which is a struct isup_call. What should be done in this case? Is truncation appropriate? It is already happening, only without null termination. ----- I intend to consult the upstream developers on IRC (Freenode #asterisk-dev) to see what they think of these warnings. Upstream issue: https://issues.asterisk.org/jira/browse/SS7-64 Upstream developers have been busy but plan to look at it when they can. |
Created attachment 1758941 [details] Complete compiler diagnostic output Description of problem: Cannot build with -Werror=stringop-truncation, which is part of the usual hardening flags. Version-Release number of selected component (if applicable): All versions How reproducible: Steps to Reproduce: 1. Remove the line export CFLAGS="${CFLAGS} -Wno-error=stringop-truncation" from the spec file. 2. Build the RPM. 3. Observe the RPM build fails with an error. Actual results: Cannot build with -Werror=stringop-truncation. Expected results: Nothing in the code triggers these warnings. Additional info: Currently these warnings are still reported in the build, but are not treated as errors. These warnings look like real problems, and should be reported upstream. This bug is to track the problem, and any efforts to resolve it properly.