On Sat, Feb 08, 2014 at 01:32, Christian Weisgerber wrote: > Back in January, there was this commit to gcc: > > Enable Wbounded by default. Passing bound bigger than the buffer > size almost always has security implications.
Very interesting set of errors. Just based on a quick read through the log file: > ./audio/rioutil.log:rio.c:650: warning: array size (16) smaller than bound > length (17) There's some like this that look like obvious off by ones. > ./audio/pms.log:src/libmpdclient.c:396: warning: array size (1001) smaller > than bound length (50000) There's some like this where you wonder how the two lengths could possibly be related. > ./audio/festival/core.log:EST_Chunk.cc:336: warning: array size (1) > smaller than bound length (20) There's a lot of size 1 warnings, which I'd guess are uses of the struct hack and probably lower priority. > ./audio/festival/core,ogi.log:OGIdbase.cc:369: warning: 'void > bounds_check_unit(int, int)' defined but not used oops. :) > ./audio/soundtracker.log:gui.c:1609: warning: non-positive bounds length > (-1) detected WTF? > ./audio/audacious-plugins.log:Gb_Apu.cxx:126: warning: array size (16) > smaller than bound length (32) > ./audio/milkytracker.log:ExporterXM.cpp:70: warning: array size (256) > smaller than bound length (1024) And there's quite a few that are off by a multiple of two or four.
