From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) by sourceware.org (Postfix) with ESMTPS id 680C33858C27 for ; Mon, 10 May 2021 18:37:53 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 680C33858C27 Received: by mail-qk1-x730.google.com with SMTP id c20so5360909qkm.3 for ; Mon, 10 May 2021 11:37:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=GPTjboaRqSDp0EHxx00zHGb6Yb9P4XEf6/Hq/QmX9Ww=; b=gCvMvysVJVGhLZXFViilljESYkY1Fapx/Fp85gzJtCCQpA5WL2Kz2b91NPZVJ227oj QQ/f0tUnQ2T2lo9uraY6p04+xioi/fzILYMyWI5i4iQFYFamGNYYXUq4M+w4oTtml6bg lcx8kGoKhRcypMojtKA5Ij1qF7K2NCtspG9HBUyk7dr4RG73A1aa/sqTUEi22d5AXOjL Gt/HdRE6B3mR/Kma/GRB1zjb6Vj7N9IAKySVIg6JQ5tcG2R0F4ivTgBu3sOXrlb2cKzo cOQlFDQINpPQFI3SY6qjyToApMoBD0YJBLeuUfk5YJoklK5TwKGpUMHX6lc8RxpmXbsh AYRQ== X-Gm-Message-State: AOAM533KlYgExiA8v8ow1VlIFbbcjeBG5bW65GMD6rG4miIDMtW7HC9R IFJ2fnsRLE95fjOEHV2oIyhIbgnKJzc= X-Google-Smtp-Source: ABdhPJx9zdSeIt9CltQGP1RctqfDVKHoGzBlCWP6NxzeaMTBporKysbmNy/eoGpBPXY1ELmH6DI9mg== X-Received: by 2002:a37:7c42:: with SMTP id x63mr24370523qkc.239.1620671873077; Mon, 10 May 2021 11:37:53 -0700 (PDT) Received: from [192.168.0.41] (71-218-14-121.hlrn.qwest.net. [71.218.14.121]) by smtp.gmail.com with ESMTPSA id 25sm1069694qky.16.2021.05.10.11.37.51 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 10 May 2021 11:37:52 -0700 (PDT) Subject: Re: [PATCH] more out of bounds checking improvements To: Florian Weimer Cc: Martin Sebor via Libc-alpha , Joseph Myers References: <176ba75f-4299-073f-8319-66dbf9fe3f42@gmail.com> <87k0ot9trs.fsf@oldenburg.str.redhat.com> <87v98d6ldm.fsf@oldenburg.str.redhat.com> <2a7e377d-60c8-313b-9422-6cd0b4f5224c@gmail.com> <87fsyvf04w.fsf@oldenburg.str.redhat.com> <7da0198c-a478-d877-4b64-da5a50e7e87b@gmail.com> <871rae7a2o.fsf@oldenburg.str.redhat.com> From: Martin Sebor Message-ID: <1f4620a7-c0db-23f7-c5a8-f47c2d7b2c36@gmail.com> Date: Mon, 10 May 2021 12:37:51 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 MIME-Version: 1.0 In-Reply-To: <871rae7a2o.fsf@oldenburg.str.redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-10.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 May 2021 18:37:54 -0000 On 5/10/21 11:49 AM, Florian Weimer wrote: > * Martin Sebor: > >> diff --git a/nss/makedb.c b/nss/makedb.c >> index 9389f6b548..6551b3cf2a 100644 >> --- a/nss/makedb.c >> +++ b/nss/makedb.c >> @@ -792,14 +792,25 @@ write_output (int fd) >> + nhashentries_total * sizeof (stridx_t))); >> header->allocate = file_offset; >> >> - /* Help GCC 10 see iov_nelts doesn't overflow the writev argument. */ >> assert (iov_nelts <= INT_MAX); >> + >> +#if __GNUC_PREREQ (10, 0) >> + DIAG_PUSH_NEEDS_COMMENT; >> + /* Avoid GCC 10 false positice warning: specified size exceeds maximum >> + object size. */ >> + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wstringop-overflow"); >> +#endif >> + >> if (writev (fd, iov, iov_nelts) != keydataoffset) >> { >> error (0, errno, gettext ("failed to write new database file")); >> return EXIT_FAILURE; >> } >> >> +#if __GNUC_PREREQ (10, 0) >> + DIAG_POP_NEEDS_COMMENT; >> +#endif >> + >> return EXIT_SUCCESS; >> } > > Typo: positice > > I'm building this with build-many-glibcs.py right now, first with GCC > 11, then with GCC 10. I don't have a GCC 10 tree yet, so it's goint to > take some time, hopefully less than two hours. > > If the warning happens with GCC 10 only, should we disable it for GCC 11 > as well? It doesn't need to be disabled for GCC 11 but I don't know how to be this selective with these version macros. If it's okay to use __GNUC__ then this works: index 9389f6b548..6a061e6457 100644 --- a/nss/makedb.c +++ b/nss/makedb.c @@ -792,7 +792,15 @@ write_output (int fd) + nhashentries_total * sizeof (stridx_t))); header->allocate = file_offset; - /* Help GCC 10 see iov_nelts doesn't overflow the writev argument. */ + assert (iov_nelts <= INT_MAX); + +#if __GNUC__ == 10 + DIAG_PUSH_NEEDS_COMMENT; + /* Avoid GCC 10 false positive warning: specified size exceeds maximum + object size. */ + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wstringop-overflow"); +#endif + assert (iov_nelts <= INT_MAX); if (writev (fd, iov, iov_nelts) != keydataoffset) { @@ -800,6 +808,10 @@ write_output (int fd) return EXIT_FAILURE; } +#if __GNUC__ == 10 + DIAG_POP_NEEDS_COMMENT; +#endif + return EXIT_SUCCESS; } Martin > > Thanks, > Florian >