RE: [PATCH] dnsproxy: Suppress GCC warning stringop-overflow

RE: [PATCH] dnsproxy: Suppress GCC warning stringop-overflow

[VAUTRIN Emmanuel (Canal Plus Prestataire)]

> Recently added check for buffer size breaks build
> with GCC 10.3.0, its internal analysis suspect that code
> is not correct. Build fails with error:
> '__builtin_strncpy' specified bound depends on the length
>  of the source argument [-Werror=stringop-overflow=]
> on src/dnsproxy.c:1794

Thank you Lukáš for your concern.

> I not sure if suppressing compiler warning is a good practice 
> in Connman, but it fixes build for me :-)

In fact, the warning are useful to detect potential issues,
and normally you can trust them, so inhibiting them is a bad
practice.
Moreover, an overflow can lead to security issues,
so it shall be fixed instead of been ignored.
The better is to specify the correct size during the copy.

These kind of work (warning fixes on gcc update) is 
usually done frequently by the team, the related commit
will probably appear soon, as it was done with
90f0e412569b327d8b25b834623b814f1fddbd19
& 3dbcc963a66d43e4ac51c97de4fe116ec72eb9f6).



Best Regards,

Emmanuel

Re: [PATCH] dnsproxy: Suppress GCC warning stringop-overflow

[Santtu Lakkala]

On 15.6.2021 10.40, Lukáš Karas wrote:
> Recently added check for buffer size breaks build
> with GCC 10.3.0, its internal analysis suspect that code
> is not correct. Build fails with error:
> 
>    '__builtin_strncpy' specified bound depends on the length
>    of the source argument [-Werror=stringop-overflow=]
> 
> on src/dnsproxy.c:1794
> 
> I not sure if suppressing compiler warning is a good practice
> in Connman, but it fixes build for me :-)

I would say replacing the strncpy call with a memcpy call would be a 
better approach. Since all the checks have already been done before the 
call there's no functional difference, but the compiler wouldn't need to 
complain about the logic (while from security PoV there's no issue, the 
warning from the compiler has certain merit).

-- 
Santtu

[PATCH] dnsproxy: Suppress GCC warning stringop-overflow

[Lukáš Karas]

[-- Attachment #1.1: Type: text/plain, Size: 409 bytes --]

Hi all. 

Recently added check for buffer size breaks build
with GCC 10.3.0, its internal analysis suspect that code
is not correct. Build fails with error:

  '__builtin_strncpy' specified bound depends on the length
  of the source argument [-Werror=stringop-overflow=]

on src/dnsproxy.c:1794

I not sure if suppressing compiler warning is a good practice 
in Connman, but it fixes build for me :-)

Lukas

[-- Attachment #1.2: 0001-dnsproxy-Suppress-GCC-warning-stringop-overflow.patch --]
[-- Type: text/x-patch, Size: 1083 bytes --]

From 3c605b7c2798ba5cb3ae8afdadc31f68337228b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Karas?= <lukas.karas@centrum.cz>
Date: Tue, 15 Jun 2021 09:23:39 +0200
Subject: [PATCH] dnsproxy: Suppress GCC warning stringop-overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Recently added check for buffer size breaks build
with GCC 10.3.0, its internal analysis suspect that code
is not correct. Build fails with error:

  '__builtin_strncpy' specified bound depends on the length
  of the source argument [-Werror=stringop-overflow=]

on src/dnsproxy.c:1794

Signed-off-by: Lukáš Karas <lukas.karas@centrum.cz>
---
 src/dnsproxy.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index 38dbdd71..035593e9 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -41,6 +41,8 @@
 
 #include "connman.h"
 
+#pragma GCC diagnostic ignored "-Wstringop-overflow"
+
 #define debug(fmt...) do { } while (0)
 
 #if __BYTE_ORDER == __LITTLE_ENDIAN
-- 
2.27.0


[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 488 bytes --]