Tree - rpms/edk2 - CentOS Git server

rpms / edk2

Blame 0027-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch

Blob History Raw

Paolo Bonzini	6ea72c	`From 8633e2951d8eba59755c82ef10099ed47eafd474 Mon Sep 17 00:00:00 2001`
Paolo Bonzini	6ea72c	`From: Laszlo Ersek <lersek@redhat.com>`
Paolo Bonzini	6ea72c	`Date: Fri, 2 Mar 2018 19:09:24 +0100`
Paolo Bonzini	6ea72c	`Subject: [PATCH 3/3] BaseTools/GenVtf: silence false "stringop-overflow"`
Paolo Bonzini	6ea72c	`warning with memcpy()`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`gcc-8 (which is part of Fedora 28) enables the new warning`
Paolo Bonzini	6ea72c	`"-Wstringop-overflow" in "-Wall". This warning is documented in detail at`
Paolo Bonzini	6ea72c	`<https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html>; the`
Paolo Bonzini	6ea72c	`introduction says`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`> Warn for calls to string manipulation functions such as memcpy and`
Paolo Bonzini	6ea72c	`> strcpy that are determined to overflow the destination buffer.`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`It breaks the BaseTools build with:`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`> GenVtf.c: In function 'ConvertVersionInfo':`
Paolo Bonzini	6ea72c	`> GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length`
Paolo Bonzini	6ea72c	`> of the source argument [-Werror=stringop-overflow=]`
Paolo Bonzini	6ea72c	`> strncpy (TemStr + 4 - Length, Str, Length);`
Paolo Bonzini	6ea72c	`> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
Paolo Bonzini	6ea72c	`> GenVtf.c:130:14: note: length computed here`
Paolo Bonzini	6ea72c	`> Length = strlen(Str);`
Paolo Bonzini	6ea72c	`> ^~~~~~~~~~~`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`It is a false positive because, while the bound equals the length of the`
Paolo Bonzini	6ea72c	`source argument, the destination pointer is moved back towards the`
Paolo Bonzini	6ea72c	`beginning of the destination buffer by the same amount (and this amount is`
Paolo Bonzini	6ea72c	`range-checked first, so we can't precede the start of the dest buffer).`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`Replace both strncpy() calls with memcpy().`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>`
Paolo Bonzini	6ea72c	`Cc: Cole Robinson <crobinso@redhat.com>`
Paolo Bonzini	6ea72c	`Cc: Liming Gao <liming.gao@intel.com>`
Paolo Bonzini	6ea72c	`Cc: Paolo Bonzini <pbonzini@redhat.com>`
Paolo Bonzini	6ea72c	`Cc: Yonghong Zhu <yonghong.zhu@intel.com>`
Paolo Bonzini	6ea72c	`Reported-by: Cole Robinson <crobinso@redhat.com>`
Paolo Bonzini	6ea72c	`Contributed-under: TianoCore Contribution Agreement 1.1`
Paolo Bonzini	6ea72c	`Signed-off-by: Laszlo Ersek <lersek@redhat.com>`
Paolo Bonzini	6ea72c	`Message-Id: <20180302180924.4312-4-lersek@redhat.com>`
Paolo Bonzini	6ea72c	`Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>`
Paolo Bonzini	6ea72c	`---`
Paolo Bonzini	6ea72c	`BaseTools/Source/C/GenVtf/GenVtf.c \| 4 ++--`
Paolo Bonzini	6ea72c	`1 file changed, 2 insertions(+), 2 deletions(-)`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c`
Paolo Bonzini	6ea72c	`index 2ae9a7be2c..0cd33e71e9 100644`
Paolo Bonzini	6ea72c	`--- a/BaseTools/Source/C/GenVtf/GenVtf.c`
Paolo Bonzini	6ea72c	`+++ b/BaseTools/Source/C/GenVtf/GenVtf.c`
Paolo Bonzini	6ea72c	`@@ -129,9 +129,9 @@ Returns:`
Paolo Bonzini	6ea72c	`} else {`
Paolo Bonzini	6ea72c	`Length = strlen(Str);`
Paolo Bonzini	6ea72c	`if (Length < 4) {`
Paolo Bonzini	6ea72c	`- strncpy (TemStr + 4 - Length, Str, Length);`
Paolo Bonzini	6ea72c	`+ memcpy (TemStr + 4 - Length, Str, Length);`
Paolo Bonzini	6ea72c	`} else {`
Paolo Bonzini	6ea72c	`- strncpy (TemStr, Str + Length - 4, 4);`
Paolo Bonzini	6ea72c	`+ memcpy (TemStr, Str + Length - 4, 4);`
Paolo Bonzini	6ea72c	`}`
Paolo Bonzini	6ea72c
Paolo Bonzini	6ea72c	`sscanf (`
Paolo Bonzini	6ea72c	`--`
Paolo Bonzini	6ea72c	`2.14.3`
Paolo Bonzini	6ea72c

rpms / edk2

Source Code

Blame 0027-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch