Source: sqlite
Version: 2.8.17-14
Severity: serious

Compiling lemon.c with -Wall leads to the following warning (among many others):

| cc -g -O2 -fdebug-prefix-map=/tmp/sqlite-2.8.17=. -fstack-protector-strong -Wformat -Werror=format-security -DTHREADSAFE=1 -Wall -o lemon ./tool/lemon.c
| ./tool/lemon.c: In function 'pathsearch':
| ./tool/lemon.c:2724:37: warning: argument to 'sizeof' in 'snprintf' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
|     if( path ) snprintf(path,sizeof path,"%s/%s",argv0,name);
|                                     ^~~~
| ./tool/lemon.c:2737:30: warning: argument to 'sizeof' in 'snprintf' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
|         snprintf(path,sizeof path,"%s/%s",pathlist,name);
|                              ^~~~

Looking at the code, it comes from those lines:

| char *path,*cp;
| ...
| path = (char *)malloc( strlen(argv0) + strlen(name) + 2 );
| if( path ) snprintf(path,sizeof path,"%s/%s",argv0,name);

and

| path = (char *)malloc( strlen(pathlist)+strlen(name)+2 );
| ...
| snprintf(path,sizeof path,"%s/%s",pathlist,name);

The second argument of snprintf limits the number of bytes written. While the
buffer path is allocated dynamically using malloc, the size passed to snprintf
is the size of the pointer, which is 4 or 8 bytes depending on the
architecture, resulting in a truncation of the path.

The issue is specific to the Debian package and has been introduced by
debian/patches/02-lemon-snprintf.patch. The original code is correct, so the
two corresponding hunks should be reverted.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
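
The truncation described in the report, reproduced as an added example (not code from lemon.c or from the Debian patch). The function names and the sample directory are constructed for illustration; the second function shows one way to tie the snprintf limit to the allocation and to detect truncation from the return value.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Pattern from the report: the limit is sizeof applied to a char *,
 * i.e. 4 or 8, not the number of bytes malloc() returned. */
char *join_sizeof_pointer(const char *dir, const char *name)
{
    char *path = malloc(strlen(dir) + strlen(name) + 2);
    size_t limit = sizeof path;          /* size of the pointer itself */
    if (path)
        snprintf(path, limit, "%s/%s", dir, name);
    return path;
}

/* Limit tied to the allocation: keep the length in a variable and pass
 * the same value to malloc() and snprintf(). */
char *join_alloc_size(const char *dir, const char *name)
{
    size_t len = strlen(dir) + strlen(name) + 2;   /* '/' plus NUL */
    char *path = malloc(len);
    if (path && (size_t)snprintf(path, len, "%s/%s", dir, name) >= len) {
        free(path);                      /* would have been truncated */
        return NULL;
    }
    return path;
}

int main(void)
{
    /* Constructed sample inputs. */
    char *bad  = join_sizeof_pointer("/usr/local/bin", "lemon");
    char *good = join_alloc_size("/usr/local/bin", "lemon");
    if (!bad || !good) return 1;
    printf("sizeof path limit: \"%s\"\n", bad);
    printf("allocation limit:  \"%s\"\n", good);
    free(bad);
    free(good);
    return 0;
}
```

On amd64 the first call keeps only the first 7 characters of the joined path; on a 32-bit architecture it keeps 3.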