ASF GitHub Bot commented on DISPATCH-1262:

jdanekrh commented on pull request #448: DISPATCH-1262: fix GCC 8.2 
format-truncation error in router/src/main.c
URL: https://github.com/apache/qpid-dispatch/pull/448
   Gcc warns because `getcwd` on Linux may allocate and return new buffer,
   so don't ignore the returned value. And cur_path may in theory be null
   going in if previous `calloc` failed.
   It is unlikely we would end up with cur_path = NULL as parameter to `%s`
   in a formatting string later below, but it is possible, given very
   careful timing and sufficiently malicious user, I think.
   Change is made to silence GCC warning, so that ``-fsanitize=undefined` 
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

> GCC 8.2 format-truncation error in router/src/main.c
> ----------------------------------------------------
>                 Key: DISPATCH-1262
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-1262
>             Project: Qpid Dispatch
>          Issue Type: Bug
>    Affects Versions: Backlog
>         Environment: Fedora 29 or anything with GCC 8.2, when the mentioned 
> flags are used.
>            Reporter: Jiri Daněk
>            Priority: Major
> When {{-DUSE_SANITIZERS=ON}}, this (in RelWithDebug build) results in 
> {{-fsanitize=undefined -O2}} options being passed to GCC (as well as others, 
> but these seem relevant).
> GCC then fails the compilation
> {code}
> [ 98%] Building C object router/CMakeFiles/qdrouterd.dir/src/main.c.o
> cd /home/jdanek/Work/repos/qpid-dispatch/cmake-build-relwithdebinfo/router && 
> /nix/store/wxq0gf50466p7aiddmiiwlxm1cs6mhbn-gcc-wrapper-8.2.0/bin/cc  
> -I/home/jdanek/Work/repos/qpid-dispatch/include 
> -I/home/jdanek/Work/repos/qpid-dispatch/cmake-build-relwithdebinfo/include 
> -I/home/jdanek/Work/repos/qpid-proton/build/install/include 
> -I/nix/store/l95nkqp7bdimqnz9ixay1aahljzsz7vc-python-2.7.15/include/python2.7 
> -I/home/jdanek/Work/repos/qpid-dispatch/cmake-build-relwithdebinfo/router  
> -fsanitize=address -fsanitize=leak -fsanitize=undefined -O2 -g -DNDEBUG   -g 
> -fno-omit-frame-pointer -Werror -Wall -Wpedantic -std=gnu99 -pthread -o 
> CMakeFiles/qdrouterd.dir/src/main.c.o   -c 
> /home/jdanek/Work/repos/qpid-dispatch/router/src/main.c
> {code}
> {code}
> /home/jdanek/Work/repos/qpid-dispatch/router/src/main.c: In function 
> ‘daemon_process’:
> /home/jdanek/Work/repos/qpid-dispatch/router/src/main.c:209:58: error: ‘%s’ 
> directive argument is null [-Werror=format-truncation=]
>                      snprintf(config_path_full, cpf_len, "%s%s%s",
>                                                           ^~
> cc1: all warnings being treated as errors
> {code}
> I believe that GCC should much improve diagnostic messages, if it intends to 
> search for dataflows like this, because the error does not give context.
> It is IMO legit, just super unlikely thing to happen, though.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to