Hi all,

when compiling exim with gcc 11.1, the compiler complains (correctly, I would say) that a few read/write operations overrun the struct member they read from or write to:

deliver.c:2415 - address_item.transport_return is a short int
deliver.c:2421 - address_item.special_action is also a short int
deliver.c:2489 - same

A simple patch is attached. What do you think?

Regards, Torsten
diff --color -urN exim-4.95/src/deliver.c exim-4.95.patched/src/deliver.c
--- exim-4.95/src/deliver.c 2021-09-28 10:24:46.000000000 +0200
+++ exim-4.95.patched/src/deliver.c 2021-10-06 09:06:41.805935776 +0200
@@ -2411,14 +2411,15 @@
 int local_part_length = Ustrlen(addr2->local_part);
 uschar *s;
 int ret;
+ int tmp1 = addr2->transport_return, tmp2 = addr2->special_action;
- if( (ret = write(pfd[pipe_write], &addr2->transport_return, sizeof(int))) != sizeof(int)
+ if( (ret = write(pfd[pipe_write], &tmp1, sizeof(int))) != sizeof(int)
 || (ret = write(pfd[pipe_write], &transport_count, sizeof(transport_count))) != sizeof(transport_count)
 || (ret = write(pfd[pipe_write], &addr2->flags, sizeof(addr2->flags))) != sizeof(addr2->flags)
 || (ret = write(pfd[pipe_write], &addr2->basic_errno, sizeof(int))) != sizeof(int)
 || (ret = write(pfd[pipe_write], &addr2->more_errno, sizeof(int))) != sizeof(int)
 || (ret = write(pfd[pipe_write], &addr2->delivery_time, sizeof(struct timeval))) != sizeof(struct timeval)
- || (ret = write(pfd[pipe_write], &addr2->special_action, sizeof(int))) != sizeof(int)
+ || (ret = write(pfd[pipe_write], &tmp2, sizeof(int))) != sizeof(int)
 || (ret = write(pfd[pipe_write], &addr2->transport, sizeof(transport_instance *))) != sizeof(transport_instance *)
@@ -2476,7 +2477,7 @@
 {
 if ((len = read(pfd[pipe_read], &status, sizeof(int))) > 0)
 {
- int i;
+ int i, tmp;
 uschar **sptr;
 addr2->transport_return = status;
@@ -2486,7 +2487,8 @@
 len = read(pfd[pipe_read], &addr2->basic_errno, sizeof(int));
 len = read(pfd[pipe_read], &addr2->more_errno, sizeof(int));
 len = read(pfd[pipe_read], &addr2->delivery_time, sizeof(struct timeval));
- len = read(pfd[pipe_read], &addr2->special_action, sizeof(int));
+ len = read(pfd[pipe_read], &tmp, sizeof(int));
+ addr2->special_action = (short)tmp;
 len = read(pfd[pipe_read], &addr2->transport, sizeof(transport_instance *));
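Review bot: In the first hunk (write side, `@@ -2411`), the names `tmp1` and `tmp2` give no hint that they exist to widen two `short` members to the int-sized slots the pipe record uses, so a later cleanup could easily go back to passing `&addr2->transport_return` with `sizeof(int)`. Where int is wider than short, that old form hands write() bytes lying beyond the member, which is what the compiler warning quoted in the mail is about. Descriptive names and a one-line comment would keep the intent visible, for example `int ret_wide = addr2->transport_return, action_wide = addr2->special_action; /* short fields travel as int on the pipe */`. The enclosing loop body starts and ends outside the hunk.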
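Review bot: In the third hunk (read side, `@@ -2486`), `tmp` is copied into `addr2->special_action` without checking `len`, and the second hunk declares it uninitialised (`int i, tmp;`). If that read() fails, the old code left special_action untouched, whereas the new code stores an indeterminate value in it. Either seed the temporary from the current value, `int i, tmp = addr2->special_action;`, or assign only after a full read, `if (len == sizeof(int)) addr2->special_action = (short)tmp;`. Each `len` visible in the hunk is overwritten by the next read, and the enclosing block continues outside the hunk, so whether a later check covers this case cannot be seen here.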