diff options
author | José Bollo <jose.bollo@iot.bzh> | 2019-04-02 16:49:09 +0200 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2019-04-02 16:57:17 +0200 |
commit | bc8929bec96e81a7f487d5689f52335b435f0e3e (patch) | |
tree | eadbd57ccad8ad7ebad26b4ebdc5db66d6faf442 | |
parent | 75a6b9e42432e3503a69013624c786af35aed7af (diff) |
Fix false ***buffer overflow*** detection
The compiling option __FORTIFY_SOURCE=2 introduced
a false ***buffer overflow*** detection when the
flexible array 'pattern' was initilized in globset.
The compiler is only complaining when the array is
in a struct that is in a struct like
struct { ...; struct { ...; char name[1]; }}
To avoid these false detections, it is enougth
to ellipsese the dimension of the array. Seems
to be the now standard way of declaring flexible
arrays when it was before an extension. So now:
struct { ...; struct { ...; char name[]; }}
works even when __FORTIFY_SOURCE=2.
Bug-AGL: SPEC-2292
Change-Id: I4b4a5df505a5357f92b9ab1657175911198ca582
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
-rw-r--r-- | conf.d/packaging/rpm/agl-app-framework-binder.spec | 2 | ||||
-rw-r--r-- | src/afb-api-dbus.c | 4 | ||||
-rw-r--r-- | src/afb-api-ws.c | 4 | ||||
-rw-r--r-- | src/afb-apiset.c | 16 | ||||
-rw-r--r-- | src/afb-evt.c | 4 | ||||
-rw-r--r-- | src/afb-export.c | 4 | ||||
-rw-r--r-- | src/afb-hsrv.c | 4 | ||||
-rw-r--r-- | src/afb-stub-ws.c | 4 | ||||
-rw-r--r-- | src/afb-trace.c | 4 | ||||
-rw-r--r-- | src/globset.c | 2 | ||||
-rw-r--r-- | src/globset.h | 2 | ||||
-rw-r--r-- | src/locale-root.c | 8 |
12 files changed, 29 insertions, 29 deletions
diff --git a/conf.d/packaging/rpm/agl-app-framework-binder.spec b/conf.d/packaging/rpm/agl-app-framework-binder.spec index b44d5b10..72a54150 100644 --- a/conf.d/packaging/rpm/agl-app-framework-binder.spec +++ b/conf.d/packaging/rpm/agl-app-framework-binder.spec @@ -57,7 +57,7 @@ This service is evolving permanently and is only designed as a helper for develo %build export PKG_CONFIG_PATH=%{_libdir}/pkgconfig -%cmake -DAGL_DEVEL=1 -DINCLUDE_MONITORING=ON -DCMAKE_C_FLAGS="-D_FORTIFY_SOURCE=1" +%cmake -DAGL_DEVEL=1 -DINCLUDE_MONITORING=ON" %__make %{?_smp_mflags} diff --git a/src/afb-api-dbus.c b/src/afb-api-dbus.c index a9880350..17e1eb02 100644 --- a/src/afb-api-dbus.c +++ b/src/afb-api-dbus.c @@ -665,7 +665,7 @@ struct origin struct afb_cred *cred; /* the origin */ - char name[1]; + char name[]; }; /* get the credentials for the message */ @@ -709,7 +709,7 @@ static struct origin *afb_api_dbus_server_origin_get(struct api_dbus *api, const } /* not found, create it */ - origin = malloc(strlen(sender) + sizeof *origin); + origin = malloc(strlen(sender) + 1 + sizeof *origin); if (origin == NULL) errno = ENOMEM; else { diff --git a/src/afb-api-ws.c b/src/afb-api-ws.c index 8069da22..65daf025 100644 --- a/src/afb-api-ws.c +++ b/src/afb-api-ws.c @@ -43,7 +43,7 @@ struct api_ws_server struct afb_apiset *apiset; /* the apiset for calling */ struct fdev *fdev; /* fdev handler */ uint16_t offapi; /* api name of the interface */ - char uri[1]; /* the uri of the server socket */ + char uri[]; /* the uri of the server socket */ }; /******************************************************************************/ @@ -206,7 +206,7 @@ int afb_api_ws_add_server(const char *uri, struct afb_apiset *declare_set, struc /* make the structure */ lapi = strlen(api); extra = luri == (api - uri) + lapi ? 0 : lapi + 1; - apiws = malloc(sizeof * apiws + luri + extra); + apiws = malloc(sizeof * apiws + 1 + luri + extra); if (!apiws) { ERROR("out of memory"); errno = ENOMEM; diff --git a/src/afb-apiset.c b/src/afb-apiset.c index 2df3c592..8d55d90e 100644 --- a/src/afb-apiset.c +++ b/src/afb-apiset.c @@ -73,7 +73,7 @@ struct api_alias { struct api_alias *next; struct api_desc *api; - char name[1]; + char name[]; }; /** @@ -83,7 +83,7 @@ struct api_class { struct api_class *next; struct api_array providers; - char name[1]; + char name[]; }; /** @@ -92,7 +92,7 @@ struct api_class struct api_depend { struct afb_apiset *set; - char name[1]; + char name[]; }; /** @@ -110,7 +110,7 @@ struct afb_apiset } onlack; /** not found handler */ int timeout; /**< the timeout in second for the apiset */ int refcount; /**< reference count for freeing resources */ - char name[1]; /**< name of the apiset */ + char name[]; /**< name of the apiset */ }; /** @@ -215,7 +215,7 @@ static struct api_class *class_search(const char *name, int create) if (!create) return NULL; - c = calloc(1, strlen(name) + sizeof *c); + c = calloc(1, strlen(name) + 1 + sizeof *c); if (!c) errno = ENOMEM; else { @@ -341,7 +341,7 @@ struct afb_apiset *afb_apiset_create(const char *name, int timeout) { struct afb_apiset *set; - set = calloc(1, (name ? strlen(name) : 0) + sizeof *set); + set = calloc(1, (name ? strlen(name) : 0) + 1 + sizeof *set); if (set) { set->timeout = timeout; set->refcount = 1; @@ -545,7 +545,7 @@ int afb_apiset_add_alias(struct afb_apiset *set, const char *name, const char *a } /* allocates and init the struct */ - ali = malloc(sizeof *ali + strlen(alias)); + ali = malloc(sizeof *ali + strlen(alias) + 1); if (ali == NULL) { ERROR("out of memory"); errno = ENOMEM; @@ -1077,7 +1077,7 @@ int afb_apiset_require(struct afb_apiset *set, const char *name, const char *req if (!a) errno = ENOENT; else { - d = malloc(strlen(required) + sizeof *d); + d = malloc(strlen(required) + 1 + sizeof *d); if (!d) errno = ENOMEM; else { diff --git a/src/afb-evt.c b/src/afb-evt.c index e06d06e1..d361c954 100644 --- a/src/afb-evt.c +++ b/src/afb-evt.c @@ -84,7 +84,7 @@ struct afb_evtid { int id; /* fullname of the event */ - char fullname[1]; + char fullname[]; }; /* @@ -316,7 +316,7 @@ struct afb_evtid *afb_evt_evtid_create(const char *fullname) /* allocates the event */ len = strlen(fullname); - evtid = malloc(len + sizeof * evtid); + evtid = malloc(len + 1 + sizeof * evtid); if (evtid == NULL) goto error; diff --git a/src/afb-export.c b/src/afb-export.c index bfd76539..62be9040 100644 --- a/src/afb-export.c +++ b/src/afb-export.c @@ -163,7 +163,7 @@ struct afb_export } export; /* initial name */ - char name[1]; + char name[]; }; /*****************************************************************************/ @@ -1271,7 +1271,7 @@ static struct afb_export *create( return NULL; } lenapi = strlen(apiname); - export = calloc(1, sizeof *export + lenapi + (path == apiname || !path ? 0 : strlen(path))); + export = calloc(1, sizeof *export + 1 + lenapi + (path == apiname || !path ? 0 : strlen(path))); if (!export) errno = ENOMEM; else { diff --git a/src/afb-hsrv.c b/src/afb-hsrv.c index 0d0bd061..ea9f997a 100644 --- a/src/afb-hsrv.c +++ b/src/afb-hsrv.c @@ -56,7 +56,7 @@ struct hsrv_itf { struct hsrv_itf *next; struct afb_hsrv *hsrv; struct fdev *fdev; - char uri[1]; + char uri[]; }; struct hsrv_handler { @@ -562,7 +562,7 @@ int afb_hsrv_add_interface(struct afb_hsrv *hsrv, const char *uri) { struct hsrv_itf *itf; - itf = malloc(sizeof *itf + strlen(uri)); + itf = malloc(sizeof *itf + 1 + strlen(uri)); if (itf == NULL) return -1; diff --git a/src/afb-stub-ws.c b/src/afb-stub-ws.c index eab897b0..0e777f5a 100644 --- a/src/afb-stub-ws.c +++ b/src/afb-stub-ws.c @@ -145,7 +145,7 @@ struct afb_stub_ws uint8_t is_client; /* the api name */ - char apiname[1]; + char apiname[]; }; static struct afb_proto_ws *afb_stub_ws_create_proto(struct afb_stub_ws *stubws, struct fdev *fdev, uint8_t server); @@ -673,7 +673,7 @@ static struct afb_stub_ws *afb_stub_ws_create(struct fdev *fdev, const char *api { struct afb_stub_ws *stubws; - stubws = calloc(1, sizeof *stubws + strlen(apiname)); + stubws = calloc(1, sizeof *stubws + 1 + strlen(apiname)); if (stubws == NULL) errno = ENOMEM; else { diff --git a/src/afb-trace.c b/src/afb-trace.c index ffb03059..c750aca0 100644 --- a/src/afb-trace.c +++ b/src/afb-trace.c @@ -65,7 +65,7 @@ /* struct for tags */ struct tag { struct tag *next; /* link to the next */ - char tag[1]; /* name of the tag */ + char tag[]; /* name of the tag */ }; /* struct for events */ @@ -1071,7 +1071,7 @@ static struct tag *trace_get_tag(struct afb_trace *trace, const char *name, int if (!tag && alloc) { /* creation if needed */ - tag = malloc(sizeof * tag + strlen(name)); + tag = malloc(sizeof * tag + 1 + strlen(name)); if (tag) { strcpy(tag->tag, name); tag->next = trace->tags; diff --git a/src/globset.c b/src/globset.c index 228d8523..fa378843 100644 --- a/src/globset.c +++ b/src/globset.c @@ -323,7 +323,7 @@ int globset_add( } /* not found, create it */ - ph = malloc(len + sizeof *ph); + ph = malloc(1 + len + sizeof *ph); if (!ph) return -1; diff --git a/src/globset.h b/src/globset.h index 40ed2fad..56527b6a 100644 --- a/src/globset.h +++ b/src/globset.h @@ -26,7 +26,7 @@ struct globset_handler void *closure; /* the pattern */ - char pattern[1]; + char pattern[]; }; struct globset; diff --git a/src/locale-root.c b/src/locale-root.c index 40cd050c..c1e27bbd 100644 --- a/src/locale-root.c +++ b/src/locale-root.c @@ -47,7 +47,7 @@ static const char locales[] = "locales/"; struct locale_folder { struct locale_folder *parent; size_t length; - char name[1]; + char name[]; }; struct locale_container { @@ -67,7 +67,7 @@ struct locale_search { struct locale_root *root; struct locale_search_node *head; int refcount; - char definition[1]; + char definition[]; }; struct locale_root { @@ -102,7 +102,7 @@ static int add_folder(struct locale_container *container, const char *name) if (folders != NULL) { container->folders = folders; length = strlen(name); - folders[count] = malloc(sizeof **folders + length); + folders[count] = malloc(sizeof **folders + 1 + length); if (folders[count] != NULL) { folders[count]->parent = NULL; folders[count]->length = length; @@ -362,7 +362,7 @@ static struct locale_search *create_search(struct locale_root *root, const char struct locale_search_node *node; /* allocate the structure */ - search = malloc(sizeof *search + length); + search = malloc(sizeof *search + 1 + length); if (search == NULL) { errno = ENOMEM; } else { |