OpenAFS Master Repository branch, master, updated. openafs-devel-1_9_1-496-g00b31c7

Gerrit Code Review gerrit@openafs.org
Fri, 13 Sep 2024 17:41:47 -0400


The following commit has been merged in the master branch:
commit 00b31c7bae017cbda9d9cf9b7d61299f882d9f12
Author: Cheyenne Wills <cwills@sinenomine.net>
Date:   Thu Sep 12 10:05:55 2024 -0600

    uss: Replace strcat with safer method
    
    The grammar.y file uses a series of strcat's to build the accesslist
    from the parsed tokens.  There is no checking to see if the result
    exceeds the size of the output buffer.
    
    Replace the strcpy/strcat's with a simple snprintf that concatenates
    the tokens, and check to see if the snprintf failed.
    
    If there was an error concatenating the tokens, emit a message.
    
    NOTE: With --enable-checking a build error occurs on an Ubuntu 24.04
    system, where the default _FORTIFY_SOURCE is set to 3 (hardened).  The
    build produces the following:
        ...
        inlined from ‘yyparse’ at ./grammar.y:130:26:
        /usr/include/.../string_fortified.h:130:10: error: ‘__builtin___strcat_chk’ writing 2 bytes into a region of size 0 overflows the destination [-Werror=stringop-overflow=]
        130 | return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest));
        ...(repeated for the other uses of strcat)...
    
    The build error can be duplicated by setting _FORTIFY_SOURCE to 3.
    
    Change-Id: I97e8a562f12d2a9f60a31d3b5a6f77a8458e7275
    Reviewed-on: https://gerrit.openafs.org/15845
    Tested-by: BuildBot <buildbot@rampaginggeek.com>
    Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
    Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
    Reviewed-by: Andrew Deason <adeason@sinenomine.net>

 src/uss/grammar.y | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

-- 
OpenAFS Master Repository