On Tue, 6 Aug 2024, Jeremy Harris via Exim-dev wrote:

> On 06/08/2024 10:54, Andrew C Aitchison via Exim-dev wrote:
>> Can anyone see what is going on and whether this is an appropriate fix?
>
> What it claims it's complaining about has to be the third arg to the read()
> (and it would have to be able to statically prove the value, to be catching
> it during compilation).
>
> This seems inconsistent with your avoidance of the complaint: moving the
> second arg having an assignment.

I agree.

> I think your compiler is broken.

It looks similar to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86345
but claims

    It's better to use unsigned variables to represent quantities that
    cannot be negative; that way the whole issue or excessively large
    results as a result of sign extension becomes moot

and https://gcc.gnu.org/pipermail/gcc-help/2024-July/143554.html
claims that

    -Wstringop-overflow is broken by design.

I concur that my compiler is broken and will pursue this with gcc.

However

    gcc -O ~eximtest/git/Exim/exim/src/build-Linux-x86_64/rda.c -c /dev/null

fails on Ubuntu 24-04/Noble, so I think we have to do something.

The attached patch avoids reading a negative number of bytes,
which satisfies the compiler.

Since the archives don't like attachments,
I include the patch inline as well:

diff --git a/src/src/rda.c b/src/src/rda.c
index 8289ab084..5978f5eb9 100644
--- a/src/src/rda.c
+++ b/src/src/rda.c
@@ -467,6 +467,10 @@ int len;
if (read(fd, &len, sizeof(int)) != sizeof(int)) return FALSE;
if (len == 0)
*sp = NULL;
+else if (len < 0) {
+ *sp = NULL;
+ return 1;
+}
else
/* We know we have enough memory so disable the error on "len" */
/* coverity[tainted_data] */
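
Review bot: the new `len < 0` branch ends in `return 1;`, a non-zero value, where the short-read path on the first line of the hunk returns FALSE, so a negative length read from the descriptor is handed back with `*sp = NULL` exactly like the `len == 0` case and the caller cannot tell corrupt input from an empty string. Suggest `return FALSE;` there, using the macro rather than a literal. The test also leaves large positive values of len unchecked while the `coverity[tainted_data]` suppression is kept in the else branch; putting an upper bound in the same condition would cover both ends.
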
We should probably look at rda_write_string too ...
--
Andrew C. Aitchison Kendal, UK
[email protected]
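
Added example, not part of the original post and not Exim's code: a bounded reader for an int-length-prefixed string that rejects a negative or oversized length before it reaches read()'s size_t count. The names read_full, read_field, roundtrip and MAX_FIELD, and the wire format (length counts the trailing NUL), are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>

#define MAX_FIELD 65536 /* assumed cap for this example, not an Exim constant */

/* Read exactly n bytes, retrying on short reads and EINTR. */
static int read_full(int fd, void *buf, size_t n)
{
  char *p = buf;
  while (n > 0) {
    ssize_t r = read(fd, p, n);
    if (r < 0 && errno == EINTR) continue;
    if (r <= 0) return 0; /* I/O error or premature EOF */
    p += r; n -= (size_t)r;
  }
  return 1;
}

/* Assumed wire format: an int length that counts the trailing NUL, then that
   many bytes. Returns 1 on success (*sp is NULL for an empty field), else 0. */
int read_field(int fd, char **sp)
{
  int len; char *s;
  *sp = NULL;
  if (!read_full(fd, &len, sizeof len)) return 0;
  if (len == 0) return 1;
  /* Reject before len is converted to read()'s size_t count, where a
     negative value would become an enormous one. */
  if (len < 0 || len > MAX_FIELD) return 0;
  if ((s = malloc((size_t)len)) == NULL) return 0;
  if (!read_full(fd, s, (size_t)len) || s[len - 1] != '\0')
    { free(s); return 0; }
  *sp = s;
  return 1;
}

/* Constructed input: push one prefix and payload through a pipe, parse it. */
int roundtrip(int len, const char *payload, size_t n, char **out)
{
  int fds[2], ok;
  if (pipe(fds) != 0) return -1;
  ok = write(fds[1], &len, sizeof len) == (ssize_t)sizeof len
    && (n == 0 || write(fds[1], payload, n) == (ssize_t)n);
  close(fds[1]);
  ok = ok ? read_field(fds[0], out) : -1;
  close(fds[0]);
  return ok;
}
```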