diff options
author | José Bollo <jose.bollo@iot.bzh> | 2019-04-02 16:49:09 +0200 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2019-04-02 16:57:17 +0200 |
commit | bc8929bec96e81a7f487d5689f52335b435f0e3e (patch) | |
tree | eadbd57ccad8ad7ebad26b4ebdc5db66d6faf442 /src/afb-api-ws.c | |
parent | 75a6b9e42432e3503a69013624c786af35aed7af (diff) |
Fix false ***buffer overflow*** detection
The compiling option __FORTIFY_SOURCE=2 introduced
a false ***buffer overflow*** detection when the
flexible array 'pattern' was initilized in globset.
The compiler is only complaining when the array is
in a struct that is in a struct like
struct { ...; struct { ...; char name[1]; }}
To avoid these false detections, it is enougth
to ellipsese the dimension of the array. Seems
to be the now standard way of declaring flexible
arrays when it was before an extension. So now:
struct { ...; struct { ...; char name[]; }}
works even when __FORTIFY_SOURCE=2.
Bug-AGL: SPEC-2292
Change-Id: I4b4a5df505a5357f92b9ab1657175911198ca582
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'src/afb-api-ws.c')
-rw-r--r-- | src/afb-api-ws.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/afb-api-ws.c b/src/afb-api-ws.c index 8069da22..65daf025 100644 --- a/src/afb-api-ws.c +++ b/src/afb-api-ws.c @@ -43,7 +43,7 @@ struct api_ws_server struct afb_apiset *apiset; /* the apiset for calling */ struct fdev *fdev; /* fdev handler */ uint16_t offapi; /* api name of the interface */ - char uri[1]; /* the uri of the server socket */ + char uri[]; /* the uri of the server socket */ }; /******************************************************************************/ @@ -206,7 +206,7 @@ int afb_api_ws_add_server(const char *uri, struct afb_apiset *declare_set, struc /* make the structure */ lapi = strlen(api); extra = luri == (api - uri) + lapi ? 0 : lapi + 1; - apiws = malloc(sizeof * apiws + luri + extra); + apiws = malloc(sizeof * apiws + 1 + luri + extra); if (!apiws) { ERROR("out of memory"); errno = ENOMEM; |