On Tue, Feb 20, 2018 at 04:36:24PM +0000, p...@hermes.cam.ac.uk wrote:
> I've just put a Release Candidate for 8.42 in the usual place:
>
I tested it successfully on GNU/Linux on these platforms:

aarch64 armv7hl i686 ppc64be ppc64le s390x x86_64

Please note gcc-8 with glibc-2.27 emits this warning:

gcc -DHAVE_CONFIG_H -I. -pthread -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -mcet -fcf-protection -c -o pcregrep-pcregrep.o `test -f 'pcregrep.c' || echo './'`pcregrep.c
pcregrep.c: In function 'main':
pcregrep.c:2767:31: warning: '__builtin___sprintf_chk' may write a terminating nul past the end of the destination [-Wformat-overflow=]
       sprintf(buff2, "%s%.*s", buff1, fulllen - baselen - 2, opbra + 1);
                               ^
In file included from /usr/include/stdio.h:862,
                 from pcregrep.c:52:
/usr/include/bits/stdio2.h:33:10: note: '__builtin___sprintf_chk' output between 1 and 2147483669 bytes into a destination of size 24
   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       __bos (__s), __fmt, __va_arg_pack ());
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This warning is not new for 8.42-RC1. It happens also for 8.41. GCC and glibc received some fortification features and this is the result.

If I understand PCRE code correctly, the warning is a false alarm because it parses constant strings (pcregrep options) and builds a new string from them. And all the buffer sizes are large enough. The compiler seems to be unable to infer "fulllen - baselen - 2" value correctly.

An attached patch makes the warning go away.

-- Petr
From ed53a8d6d531a5427ce9385b7c15d65f59ac8e0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com> Date: Fri, 23 Feb 2018 10:28:22 +0100 Subject: [PATCH] Silent a GCC 8 warning about formatting a pcregrep long option MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch silents this warning: pcregrep.c:2767:31: warning: '__builtin___sprintf_chk' may write a terminating nul past the end of the destination [-Wformat-overflow=] sprintf(buff2, "%s%.*s", buff1, fulllen - baselen - 2, opbra + 1); ^ In file included from /usr/include/stdio.h:862, from pcregrep.c:52: /usr/include/bits/stdio2.h:33:10: note: '__builtin___sprintf_chk' output between 1 and 2147483669 bytes into a destination of size 24 return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ __bos (__s), __fmt, __va_arg_pack ()); ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Petr Písař <ppi...@redhat.com> --- pcregrep.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pcregrep.c b/pcregrep.c index 69ba85a..a46e7e2 100644 --- a/pcregrep.c +++ b/pcregrep.c @@ -2764,7 +2764,15 @@ for (i = 1; i < argc; i++) (int)strlen(arg) : (int)(argequals - arg); sprintf(buff1, "%.*s", baselen, op->long_name); - sprintf(buff2, "%s%.*s", buff1, fulllen - baselen - 2, opbra + 1); + if (sizeof(buff2)/sizeof(*buff2) <= + snprintf(buff2, sizeof(buff2)/sizeof(*buff2), + "%s%.*s", buff1, fulllen - baselen - 2, opbra + 1)) + { + fprintf(stderr, + "pcregrep: Buffer overflow when parsing %s option\n", + op->long_name); + pcregrep_exit(2); + } if (strncmp(arg, buff1, arglen) == 0 || strncmp(arg, buff2, arglen) == 0) -- 2.13.6
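Review bot: The new condition "sizeof(buff2)/sizeof(*buff2) <= snprintf(...)" compares a size_t with the int returned by snprintf, which will itself trip -Wsign-compare on stricter builds and only handles a negative (error) return by accident of the implicit conversion to unsigned. Store the result in an int and test it explicitly, for example "n = snprintf(buff2, sizeof(buff2), ...); if (n < 0 || (size_t)n >= sizeof(buff2))", so that both the error case and the truncation case are visible to the reader. The destination is a char array (the warning reports a destination of size 24), so sizeof(buff2) alone is enough and the division by sizeof(*buff2) can go. The precision argument "fulllen - baselen - 2" is still an unchecked int; a negative precision is treated by printf as if none were given, so the bound now comes entirely from the snprintf size, which is worth a short comment. The sprintf into buff1 on the context line just above is left unbounded and could get the same treatment for consistency. Finally, the message "Buffer overflow when parsing %s option" describes something that snprintf has in fact prevented; wording such as "option name too long" would be more accurate for what is detected here.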
-- ## List details at https://lists.exim.org/mailman/listinfo/pcre-dev