From nobody Mon Dec 23 11:08:27 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1520014180127272.97407181630035; Fri, 2 Mar 2018 10:09:40 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 218C622546BA7; Fri, 2 Mar 2018 10:03:25 -0800 (PST) Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 303ED22492744 for ; Fri, 2 Mar 2018 10:03:23 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5F58D8182D17; Fri, 2 Mar 2018 18:09:32 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-125-62.rdu2.redhat.com [10.10.125.62]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3BFD22024CA8; Fri, 2 Mar 2018 18:09:31 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=66.187.233.73; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Mar 2018 19:09:24 +0100 Message-Id: <20180302180924.4312-4-lersek@redhat.com> In-Reply-To: <20180302180924.4312-1-lersek@redhat.com> References: <20180302180924.4312-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Fri, 02 Mar 2018 18:09:32 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Fri, 02 Mar 2018 18:09:32 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'lersek@redhat.com' RCPT:'' Subject: [edk2] [PATCH 3/3] BaseTools/GenVtf: silence false "stringop-overflow" warning with memcpy() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Cole Robinson , Liming Gao , Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" gcc-8 (which is part of Fedora 28) enables the new warning "-Wstringop-overflow" in "-Wall". This warning is documented in detail at ; the introduction says > Warn for calls to string manipulation functions such as memcpy and > strcpy that are determined to overflow the destination buffer. It breaks the BaseTools build with: > GenVtf.c: In function 'ConvertVersionInfo': > GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length > of the source argument [-Werror=3Dstringop-overflow=3D] > strncpy (TemStr + 4 - Length, Str, Length); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > GenVtf.c:130:14: note: length computed here > Length =3D strlen(Str); > ^~~~~~~~~~~ It is a false positive because, while the bound equals the length of the source argument, the destination pointer is moved back towards the beginning of the destination buffer by the same amount (and this amount is range-checked first, so we can't precede the start of the dest buffer). Replace both strncpy() calls with memcpy(). Cc: Ard Biesheuvel Cc: Cole Robinson Cc: Liming Gao Cc: Paolo Bonzini Cc: Yonghong Zhu Reported-by: Cole Robinson Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- BaseTools/Source/C/GenVtf/GenVtf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf= /GenVtf.c index 65ae08eeceb8..fc7ae02203ff 100644 --- a/BaseTools/Source/C/GenVtf/GenVtf.c +++ b/BaseTools/Source/C/GenVtf/GenVtf.c @@ -129,9 +129,9 @@ Returns: } else { Length =3D strlen(Str); if (Length < 4) { - strncpy (TemStr + 4 - Length, Str, Length); + memcpy (TemStr + 4 - Length, Str, Length); } else { - strncpy (TemStr, Str + Length - 4, 4); + memcpy (TemStr, Str + Length - 4, 4); } =20 sscanf ( --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel