[PATCH setup] Avoid stringop-overflow warning with gcc8

[PATCH setup] Avoid stringop-overflow warning with gcc8

[Jon Turney]

desktop.cc: In function 'void start_menu(const string&, const string&, const string&, const string&)':
desktop.cc:110:11: error: 'char* strncat(char*, const char*, size_t)' specified bound 260 equals destination size [-Werror=stringop-overflow=]

I think strlcat() was meant here, which MinGW doesn't have.  In it's
absence, open-code it's equivalent.

(SHGetSpecialFolderLocation() returns a pathname of length at most MAX_PATH,
and make_link() is limited to accepting a pathname of length MAX_PATH, so we
want to append our folder name, while truncating the result to MAX_PATH.)
---
 desktop.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/desktop.cc b/desktop.cc
index 927c02f..d003e91 100644
--- a/desktop.cc
+++ b/desktop.cc
@@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
 			      issystem ? CSIDL_COMMON_PROGRAMS :
 			      CSIDL_PROGRAMS, &id);
   SHGetPathFromIDList (id, path);
-  strncat (path, "/Cygwin", MAX_PATH);
+  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
+  path[MAX_PATH-1] = 0;
   LogBabblePrintf ("Program directory for program link: %s", path);
   make_link (path, title, target, arg, iconpath);
 }
-- 
2.17.0

Re: [PATCH setup] Avoid stringop-overflow warning with gcc8

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 1593 bytes --]

On Oct 12 16:43, Jon Turney wrote:
> desktop.cc: In function 'void start_menu(const string&, const string&, const string&, const string&)':
> desktop.cc:110:11: error: 'char* strncat(char*, const char*, size_t)' specified bound 260 equals destination size [-Werror=stringop-overflow=]
> 
> I think strlcat() was meant here, which MinGW doesn't have.  In it's
> absence, open-code it's equivalent.
> 
> (SHGetSpecialFolderLocation() returns a pathname of length at most MAX_PATH,
> and make_link() is limited to accepting a pathname of length MAX_PATH, so we
> want to append our folder name, while truncating the result to MAX_PATH.)
> ---
>  desktop.cc | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/desktop.cc b/desktop.cc
> index 927c02f..d003e91 100644
> --- a/desktop.cc
> +++ b/desktop.cc
> @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
>  			      issystem ? CSIDL_COMMON_PROGRAMS :
>  			      CSIDL_PROGRAMS, &id);
>    SHGetPathFromIDList (id, path);
> -  strncat (path, "/Cygwin", MAX_PATH);
> +  strncat (path, "/Cygwin", MAX_PATH - strlen(path));

Shouldn't that be

     strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);

?

"If src contains n or more bytes, strncat() writes n+1 bytes to dest  (n
 from  src plus the terminating null byte).  Therefore, the size of dest
 must be at least strlen(dest)+n+1."


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH setup] Avoid stringop-overflow warning with gcc8

[Jon Turney]

On 12/10/2018 16:58, Corinna Vinschen wrote:
> On Oct 12 16:43, Jon Turney wrote:
[...]
>> diff --git a/desktop.cc b/desktop.cc
>> index 927c02f..d003e91 100644
>> --- a/desktop.cc
>> +++ b/desktop.cc
>> @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
>>   			      issystem ? CSIDL_COMMON_PROGRAMS :
>>   			      CSIDL_PROGRAMS, &id);
>>     SHGetPathFromIDList (id, path);
>> -  strncat (path, "/Cygwin", MAX_PATH);
>> +  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
> 
> Shouldn't that be
> 
>       strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
> 
> ?

Yes!  I have no idea what I was thinking!

Thanks.

> "If src contains n or more bytes, strncat() writes n+1 bytes to dest  (n
>   from  src plus the terminating null byte).  Therefore, the size of dest
>   must be at least strlen(dest)+n+1."

Re: [PATCH setup] Avoid stringop-overflow warning with gcc8

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 981 bytes --]

On Oct 13 13:50, Jon Turney wrote:
> On 12/10/2018 16:58, Corinna Vinschen wrote:
> > On Oct 12 16:43, Jon Turney wrote:
> [...]
> > > diff --git a/desktop.cc b/desktop.cc
> > > index 927c02f..d003e91 100644
> > > --- a/desktop.cc
> > > +++ b/desktop.cc
> > > @@ -107,7 +107,8 @@ start_menu (const std::string& title, const std::string& target,
> > >   			      issystem ? CSIDL_COMMON_PROGRAMS :
> > >   			      CSIDL_PROGRAMS, &id);
> > >     SHGetPathFromIDList (id, path);
> > > -  strncat (path, "/Cygwin", MAX_PATH);
> > > +  strncat (path, "/Cygwin", MAX_PATH - strlen(path));
> > 
> > Shouldn't that be
> > 
> >       strncat (path, "/Cygwin", MAX_PATH - strlen(path) - 1);
> > 
> > ?
> 
> Yes!  I have no idea what I was thinking!

Better than the crime I have commited originally...


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]