* [PATCH setup] Avoid stringop-overflow warning with gcc8
@ 2018-10-12 15:44 Jon Turney
2018-10-12 15:58 ` Corinna Vinschen
0 siblings, 1 reply; 4+ messages in thread
From: Jon Turney @ 2018-10-12 15:44 UTC (permalink / raw)
To: cygwin-apps; +Cc: Jon Turney
desktop.cc: In function 'void start_menu(const string&, const string&, const string&, const string&)':
desktop.cc:110:11: error: 'char* strncat(char*, const char*, size_t)' specified bound 260 equals destination size [-Werror=stringop-overflow=]
I think strlcat() was meant here, which MinGW doesn't have. In it's
absence, open-code it's equivalent.
(SHGetSpecialFolderLocation() returns a pathname of length at most MAX_PATH,
and make_link() is limited to accepting a pathname of length MAX_PATH, so we
want to append our folder name, while truncating the result to MAX_PATH.)
---
desktop.cc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/desktop.cc b/desktop.cc
index 927c02f..d003e91 100644
--- a/desktop.cc
+++ b/desktop.cc
@@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
issystem ? CSIDL_COMMON_PROGRAMS :
CSIDL_PROGRAMS, &id);
SHGetPathFromIDList (id, path);
- strncat (path, "/Cygwin", MAX_PATH);
+ strncat (path, "/Cygwin", MAX_PATH - strlen(path));
+ path[MAX_PATH-1] = 0;
LogBabblePrintf ("Program directory for program link: %s", path);
make_link (path, title, target, arg, iconpath);
}
--
2.17.0
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH setup] Avoid stringop-overflow warning with gcc8
2018-10-12 15:44 [PATCH setup] Avoid stringop-overflow warning with gcc8 Jon Turney
@ 2018-10-12 15:58 ` Corinna Vinschen
2018-10-13 12:50 ` Jon Turney
0 siblings, 1 reply; 4+ messages in thread
From: Corinna Vinschen @ 2018-10-12 15:58 UTC (permalink / raw)
To: cygwin-apps
[-- Attachment #1: Type: text/plain, Size: 1593 bytes --]
On Oct 12 16:43, Jon Turney wrote:
> desktop.cc: In function 'void start_menu(const string&, const string&, const string&, const string&)':
> desktop.cc:110:11: error: 'char* strncat(char*, const char*, size_t)' specified bound 260 equals destination size [-Werror=stringop-overflow=]
>
> I think strlcat() was meant here, which MinGW doesn't have. In it's
> absence, open-code it's equivalent.
>
> (SHGetSpecialFolderLocation() returns a pathname of length at most MAX_PATH,
> and make_link() is limited to accepting a pathname of length MAX_PATH, so we
> want to append our folder name, while truncating the result to MAX_PATH.)
> ---
> desktop.cc | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/desktop.cc b/desktop.cc
> index 927c02f..d003e91 100644
> --- a/desktop.cc
> +++ b/desktop.cc
> @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
> issystem ? CSIDL_COMMON_PROGRAMS :
> CSIDL_PROGRAMS, &id);
> SHGetPathFromIDList (id, path);
> - strncat (path, "/Cygwin", MAX_PATH);
> + strncat (path, "/Cygwin", MAX_PATH - strlen(path));
Shouldn't that be
strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
?
"If src contains n or more bytes, strncat() writes n+1 bytes to dest (n
from src plus the terminating null byte). Therefore, the size of dest
must be at least strlen(dest)+n+1."
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH setup] Avoid stringop-overflow warning with gcc8
2018-10-12 15:58 ` Corinna Vinschen
@ 2018-10-13 12:50 ` Jon Turney
2018-10-13 14:36 ` Corinna Vinschen
0 siblings, 1 reply; 4+ messages in thread
From: Jon Turney @ 2018-10-13 12:50 UTC (permalink / raw)
To: cygwin-apps
On 12/10/2018 16:58, Corinna Vinschen wrote:
> On Oct 12 16:43, Jon Turney wrote:
[...]
>> diff --git a/desktop.cc b/desktop.cc
>> index 927c02f..d003e91 100644
>> --- a/desktop.cc
>> +++ b/desktop.cc
>> @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
>> issystem ? CSIDL_COMMON_PROGRAMS :
>> CSIDL_PROGRAMS, &id);
>> SHGetPathFromIDList (id, path);
>> - strncat (path, "/Cygwin", MAX_PATH);
>> + strncat (path, "/Cygwin", MAX_PATH - strlen(path));
>
> Shouldn't that be
>
> strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
>
> ?
Yes! I have no idea what I was thinking!
Thanks.
> "If src contains n or more bytes, strncat() writes n+1 bytes to dest (n
> from src plus the terminating null byte). Therefore, the size of dest
> must be at least strlen(dest)+n+1."
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH setup] Avoid stringop-overflow warning with gcc8
2018-10-13 12:50 ` Jon Turney
@ 2018-10-13 14:36 ` Corinna Vinschen
0 siblings, 0 replies; 4+ messages in thread
From: Corinna Vinschen @ 2018-10-13 14:36 UTC (permalink / raw)
To: cygwin-apps
[-- Attachment #1: Type: text/plain, Size: 981 bytes --]
On Oct 13 13:50, Jon Turney wrote:
> On 12/10/2018 16:58, Corinna Vinschen wrote:
> > On Oct 12 16:43, Jon Turney wrote:
> [...]
> > > diff --git a/desktop.cc b/desktop.cc
> > > index 927c02f..d003e91 100644
> > > --- a/desktop.cc
> > > +++ b/desktop.cc
> > > @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
> > > issystem ? CSIDL_COMMON_PROGRAMS :
> > > CSIDL_PROGRAMS, &id);
> > > SHGetPathFromIDList (id, path);
> > > - strncat (path, "/Cygwin", MAX_PATH);
> > > + strncat (path, "/Cygwin", MAX_PATH - strlen(path));
> >
> > Shouldn't that be
> >
> > strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
> >
> > ?
>
> Yes! I have no idea what I was thinking!
Better than the crime I have commited originally...
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-10-13 14:36 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-12 15:44 [PATCH setup] Avoid stringop-overflow warning with gcc8 Jon Turney
2018-10-12 15:58 ` Corinna Vinschen
2018-10-13 12:50 ` Jon Turney
2018-10-13 14:36 ` Corinna Vinschen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).