public inbox for glibc-bugs@sourceware.org
From: "fweimer at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug string/31332] Improve detection of buffer overflow at compile-time with FORTIFY_SOURCE
Date: Mon, 05 Feb 2024 15:07:42 +0000
Message-ID: <bug-31332-131-m1xAaHpXrf@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-31332-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=31332

--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
Comment on attachment 15350
  --> https://sourceware.org/bugzilla/attachment.cgi?id=15350
Test case with buffer overflow in memcpy call

Current GCC already warns about this:

#include <string.h>

__attribute__ ((weak))
void use (void *)
{
}

int main() {
  char buffer[5];
  char *src = "Hi guys";

  memcpy(buffer, src, strlen(src));
  use(buffer);

  return 0;
}

memcpy.c: In function ‘main’:
memcpy.c:12:3: warning: ‘memcpy’ forming offset [5, 6] is out of the bounds [0, 5] of object ‘buffer’ with type ‘char[5]’ [-Warray-bounds=]
   12 |   memcpy(buffer, src, strlen(src));
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
memcpy.c:9:8: note: ‘buffer’ declared here
    9 |   char buffer[5];
      |        ^~~~~~

This can be turned into an error with -Werror=array-bounds. The advantage is
that GCC can provide some helpful context about buffer sizes and offsets, which
we can do from a header with an inline wrapper function.

The issue with your original test case is that the memcpy call is already
gone at the point when such warnings are generated.

(What's missing is a GCC compilation mode where operations on a pointer that
cannot be bounds-checked fail to compile, but to be useful, that would have to
cover pointer arithmetic as well, so a header-only solution doesn't help with
that, either.)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

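As an added illustration of the header-side mechanism the comment contrasts with GCC's own -Warray-bounds diagnostic (this is example code written for this page, not glibc's FORTIFY_SOURCE implementation or anything from the bug's attachment), the block below builds a minimal fortify-style memcpy wrapper. It uses the real GCC builtin `__builtin_object_size`, which is what glibc's fortified headers query; the names `fortified_memcpy`, `FORTIFIED_MEMCPY` and the `demo_*` functions are hypothetical. The wrapper refuses the copy when the destination size is known and too small, and, like any header-only check, can do nothing when the destination is reached through a pointer GCC cannot see through, which is the limitation the comment's last paragraph points at.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not glibc's FORTIFY_SOURCE code.  A fortify-style memcpy
 * wrapper: the macro below asks GCC for the destination object size at the
 * call site; this inline function refuses the copy when that size is known
 * and too small, and falls through when GCC could not determine it
 * ((size_t) -1).  Returns 0 on success, -1 when the copy would overflow;
 * glibc's real wrapper would call __chk_fail () and abort instead. */
static inline int
fortified_memcpy (void *dst, size_t dst_bos, const void *src, size_t n)
{
  if (dst_bos != (size_t) -1 && n > dst_bos)
    return -1;                 /* would overflow: refuse the copy */
  memcpy (dst, src, n);
  return 0;
}

/* Type 0 asks for the size of the whole enclosing object.  Evaluating the
 * builtin inside a macro is what lets a header compute the size at the
 * caller's site, the way glibc's fortified string headers do. */
#define FORTIFIED_MEMCPY(dst, src, n) \
  fortified_memcpy ((dst), __builtin_object_size ((dst), 0), (src), (n))

/* Same shape as the attachment's test case: 5-byte stack buffer, 7 bytes
 * copied (constructed input).  Returns -1: the wrapper sees the size 5. */
int
demo_overflowing_copy (void)
{
  char buffer[5];
  const char *src = "Hi guys";
  return FORTIFIED_MEMCPY (buffer, src, strlen (src));
}

/* A copy that fits (8 bytes including the terminator into char[8]):
 * returns 0 when the copy was accepted and the bytes arrived intact. */
int
demo_fitting_copy (void)
{
  char buffer[8];
  const char *src = "Hi guys";
  if (FORTIFIED_MEMCPY (buffer, src, strlen (src) + 1) != 0)
    return -1;
  return strcmp (buffer, src);
}

/* Destination reached through an opaque pointer: the builtin yields
 * (size_t) -1, so the header-side check has nothing to work with and the
 * caller has to supply the real size itself.  Returns -1 if 7 bytes would
 * not fit in real_size, 0 otherwise. */
int
demo_unknown_size (char *opaque_dst, size_t real_size)
{
  const char *src = "Hi guys";
  size_t bos = __builtin_object_size (opaque_dst, 0);
  size_t limit = (bos == (size_t) -1) ? real_size : bos;
  return fortified_memcpy (opaque_dst, limit, src, strlen (src));
}
```

With optimization enabled GCC folds `dst_bos != (size_t) -1 && n > dst_bos` to a constant at call sites like `demo_overflowing_copy`, so the rejected branch is all that survives; it is that folding, not a runtime test, that the compile-time warning in the comment above hooks into. Nothing in this wrapper helps with `demo_unknown_size`, because the size is simply not available to the header.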
Thread overview:
2024-02-03  0:14 [Bug string/31332] New: " Vojislav.Tomasevic at Syrmia dot com
2024-02-03 13:38 ` [Bug string/31332] " schwab@linux-m68k.org
2024-02-03 13:40 ` sam at gentoo dot org
2024-02-05 15:07 ` fweimer at redhat dot com [this message]
2024-02-05 15:08 ` fweimer at redhat dot com
