OpenAFS Master Repository branch, openafs-stable-1_8_x, updated. openafs-stable-1_8_12_1-4-gd17a077
Gerrit Code Review
gerrit@openafs.org
Thu, 3 Oct 2024 18:20:29 -0400
The following commit has been merged in the openafs-stable-1_8_x branch:
commit d17a07767d703287595f3c96e72e0ecc8455bbf0
Author: Cheyenne Wills <cwills@sinenomine.net>
Date: Thu Sep 12 10:05:55 2024 -0600

uss: Replace strcat with safer method

The grammar.y file uses a series of strcat's to build the accesslist
from the parsed tokens. There is no checking to see if the result
exceeds the size of the output buffer.

Replace the strcpy/strcat's with a simple snprintf that concatenates
the tokens, and check to see if the snprintf failed.

If there was an error concatenating the tokens, emit a message.

NOTE: With --enable-checking a build error occurs on an Ubuntu 24.04
system, where the default _FORTIFY_SOURCE is set to 3 (hardened). The
build produces the following:

...
inlined from ‘yyparse’ at ./grammar.y:130:26:
/usr/include/.../string_fortified.h:130:10: error: ‘__builtin___strcat_chk’ writing 2 bytes into a region of size 0 overflows the destination [-Werror=stringop-overflow=]
130 | return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest));
...(repeated for the other uses of strcat)...

The build error can be duplicated by setting _FORTIFY_SOURCE to 3.

Reviewed-on: https://gerrit.openafs.org/15845
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
(cherry picked from commit 00b31c7bae017cbda9d9cf9b7d61299f882d9f12)
Change-Id: If5dcf75098443e03e9c843039f22e8b414c34d66
Reviewed-on: https://gerrit.openafs.org/15857
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
src/uss/grammar.y | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
--
OpenAFS Master Repository
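
The pattern the commit message describes, as an added example that is not the OpenAFS code: an unchecked strcpy/strcat chain beside a single bounded snprintf whose return value is checked for error and truncation. The function names, the three-token shape, the space separator and the 16-byte buffer are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration; function names, token values and buffer sizes are
 * hypothetical and are not taken from src/uss/grammar.y. */

/* Unchecked pattern: nothing relates the combined token length to the
 * size of dst, so long tokens write past the end of the buffer. */
void join_unchecked(char *dst, const char *t1, const char *t2, const char *t3)
{
    strcpy(dst, t1);
    strcat(dst, " ");
    strcat(dst, t2);
    strcat(dst, " ");
    strcat(dst, t3);
}

/* Checked pattern: one snprintf bounded by dstlen. Returns 0 on success,
 * -1 on an output error or when the result would not fit; on failure dst
 * is emptied so a truncated access list is never used. */
int join_checked(char *dst, size_t dstlen,
                 const char *t1, const char *t2, const char *t3)
{
    int n;

    if (dst == NULL || dstlen == 0)
        return -1;
    n = snprintf(dst, dstlen, "%s %s %s", t1, t2, t3);
    if (n < 0 || (size_t)n >= dstlen) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char acl[16];   /* deliberately small, constructed for the demo */

    if (join_checked(acl, sizeof(acl), "$USER", "all", "rl") == 0)
        printf("ok: \"%s\"\n", acl);
    if (join_checked(acl, sizeof(acl), "system:anyuser", "rl", "x") != 0)
        fprintf(stderr, "error: access list too long\n");
    return 0;
}
```

snprintf returns the length the full result would have had, so a return value greater than or equal to the buffer size means the output was truncated; that case is treated as an error alongside a negative return.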