[PATCH setup] Avoid stringop-overflow warning with gcc8

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH setup] Avoid stringop-overflow warning with gcc8

Jon TURNEY
desktop.cc: In function 'void start_menu(const string&, const string&, const string&, const string&)':
desktop.cc:110:11: error: 'char* strncat(char*, const char*, size_t)' specified bound 260 equals destination size [-Werror=stringop-overflow=]

I think strlcat() was meant here, which MinGW doesn't have.  In it's
absence, open-code it's equivalent.

(SHGetSpecialFolderLocation() returns a pathname of length at most MAX_PATH,
and make_link() is limited to accepting a pathname of length MAX_PATH, so we
want to append our folder name, while truncating the result to MAX_PATH.)
---
 desktop.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/desktop.cc b/desktop.cc
index 927c02f..d003e91 100644
--- a/desktop.cc
+++ b/desktop.cc
@@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
       issystem ? CSIDL_COMMON_PROGRAMS :
       CSIDL_PROGRAMS, &id);
   SHGetPathFromIDList (id, path);
-  strncat (path, "/Cygwin", MAX_PATH);
+  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
+  path[MAX_PATH-1] = 0;
   LogBabblePrintf ("Program directory for program link: %s", path);
   make_link (path, title, target, arg, iconpath);
 }
--
2.17.0

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH setup] Avoid stringop-overflow warning with gcc8

Corinna Vinschen-2
On Oct 12 16:43, Jon Turney wrote:

> desktop.cc: In function 'void start_menu(const string&, const string&, const string&, const string&)':
> desktop.cc:110:11: error: 'char* strncat(char*, const char*, size_t)' specified bound 260 equals destination size [-Werror=stringop-overflow=]
>
> I think strlcat() was meant here, which MinGW doesn't have.  In it's
> absence, open-code it's equivalent.
>
> (SHGetSpecialFolderLocation() returns a pathname of length at most MAX_PATH,
> and make_link() is limited to accepting a pathname of length MAX_PATH, so we
> want to append our folder name, while truncating the result to MAX_PATH.)
> ---
>  desktop.cc | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/desktop.cc b/desktop.cc
> index 927c02f..d003e91 100644
> --- a/desktop.cc
> +++ b/desktop.cc
> @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
>        issystem ? CSIDL_COMMON_PROGRAMS :
>        CSIDL_PROGRAMS, &id);
>    SHGetPathFromIDList (id, path);
> -  strncat (path, "/Cygwin", MAX_PATH);
> +  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
Shouldn't that be

     strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);

?

"If src contains n or more bytes, strncat() writes n+1 bytes to dest  (n
 from  src plus the terminating null byte).  Therefore, the size of dest
 must be at least strlen(dest)+n+1."


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH setup] Avoid stringop-overflow warning with gcc8

Jon TURNEY
On 12/10/2018 16:58, Corinna Vinschen wrote:
> On Oct 12 16:43, Jon Turney wrote:
[...]

>> diff --git a/desktop.cc b/desktop.cc
>> index 927c02f..d003e91 100644
>> --- a/desktop.cc
>> +++ b/desktop.cc
>> @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
>>        issystem ? CSIDL_COMMON_PROGRAMS :
>>        CSIDL_PROGRAMS, &id);
>>     SHGetPathFromIDList (id, path);
>> -  strncat (path, "/Cygwin", MAX_PATH);
>> +  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
>
> Shouldn't that be
>
>       strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
>
> ?

Yes!  I have no idea what I was thinking!

Thanks.

> "If src contains n or more bytes, strncat() writes n+1 bytes to dest  (n
>   from  src plus the terminating null byte).  Therefore, the size of dest
>   must be at least strlen(dest)+n+1."

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH setup] Avoid stringop-overflow warning with gcc8

Corinna Vinschen-2
On Oct 13 13:50, Jon Turney wrote:

> On 12/10/2018 16:58, Corinna Vinschen wrote:
> > On Oct 12 16:43, Jon Turney wrote:
> [...]
> > > diff --git a/desktop.cc b/desktop.cc
> > > index 927c02f..d003e91 100644
> > > --- a/desktop.cc
> > > +++ b/desktop.cc
> > > @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
> > >        issystem ? CSIDL_COMMON_PROGRAMS :
> > >        CSIDL_PROGRAMS, &id);
> > >     SHGetPathFromIDList (id, path);
> > > -  strncat (path, "/Cygwin", MAX_PATH);
> > > +  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
> >
> > Shouldn't that be
> >
> >       strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
> >
> > ?
>
> Yes!  I have no idea what I was thinking!
Better than the crime I have commited originally...


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

signature.asc (849 bytes) Download Attachment