BelledonneCommunications / bctoolbox

Linphone.org mirror for bctoolbox (git://git.linphone.org/bctoolbox.git)
http://linphone.org
GNU General Public License v3.0

gcc-12.1.0 exposes a (possible) problem in port.c #16

Open balducci opened 2 years ago

balducci commented 2 years ago

Hello, the latest gcc-12.1.0 (just released) exposes a (possible) problem with bctoolbox (master, e2fa63767fb5b920e017e72516c787cadec9f515):

cd /home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/src && /usr/bin/gcc  -m64 -DHAVE_CONFIG_H -I/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/include -I/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/src -I/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox -I/opt/stow.d/versions/linphone-15734/usr/local/linphone-deps/include  -I/usr/local/linphone-deps/include  -Wall -Wuninitialized -Wno-error=pragmas -Werror -Wextra -Wno-unused-parameter -Wno-error=unknown-pragmas -Wuninitialized -Wno-missing-field-initializers -fno-strict-aliasing -Wno-error=deprecated -Wno-error=deprecated-declarations -Werror -Wstrict-prototypes -MD -MT src/CMakeFiles/bctoolbox-static.dir/utils/port.c.o -MF CMakeFiles/bctoolbox-static.dir/utils/port.c.o.d -o CMakeFiles/bctoolbox-static.dir/utils/port.c.o -c /home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/src/utils/port.c
/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/src/utils/port.c: In function 'bctbx_concat':
/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/src/utils/port.c:1677:49: error: pointer 'result' may be used after 'realloc' [-Werror=use-after-free]
 1677 |                                 wp = newp + (wp - result);
      |                                             ~~~~^~~~~~~~~
/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox/src/utils/port.c:1671:49: note: call to 'realloc' here
 1671 |                                 newp = (char *) realloc (result, allocated);
      |                                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[3]: *** [src/CMakeFiles/bctoolbox-static.dir/build.make:121: src/CMakeFiles/bctoolbox-static.dir/utils/port.c.o] Error 1
make[3]: Leaving directory '/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/bctoolbox-767'

gcc<12 doesn't report any problem (I have verified with gcc-11.3.0, but I have been building linphone for a long time and never saw this).

I can work around it with -Wno-error=use-after-free (as suggested), but I thought you might be interested in this.

Building bctoolbox on linux:

Linux 5.17.3 #1 SMP Thu Apr 14 10:09:58 CEST 2022 x86_64 GNU/Linux

with default options.

gcc version:

gcc (GCC) 12.1.0
Copyright (C) 2022 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

thank you very much for your valuable work ciao -gabriele
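Added example, not part of the original issue and not bctoolbox code: the diagnostic above points at `wp - result` being evaluated after `realloc (result, allocated)`, so this sketch saves the write offset before the call and rebuilds `wp` from it. The function `concat_parts`, its signature and the starting size of 8 bytes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not bctoolbox's bctbx_concat): joins n strings into
 * one heap buffer grown with realloc. Returns NULL on failure; caller frees. */
char *concat_parts(const char *const *parts, size_t n)
{
    size_t allocated = 8;               /* small on purpose, to force growth */
    char *result = malloc(allocated);
    char *wp = result;                  /* write pointer into result */

    if (result == NULL)
        return NULL;
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(parts[i]);
        size_t off = (size_t)(wp - result); /* taken while result is valid */

        if (len >= SIZE_MAX - off) {    /* off + len + 1 would overflow */
            free(result);
            return NULL;
        }
        if (off + len + 1 > allocated) {
            size_t want = off + len + 1;
            size_t grown = allocated > SIZE_MAX / 2 ? want : allocated * 2;
            char *newp;

            allocated = grown > want ? grown : want;
            newp = realloc(result, allocated);
            if (newp == NULL) {         /* on failure the old block is still ours */
                free(result);
                return NULL;
            }
            /* Flagged form: wp = newp + (wp - result); reads the old pointer. */
            result = newp;
            wp = result + off;          /* rebuilt from the saved offset only */
        }
        memcpy(wp, parts[i], len);
        wp += len;
    }
    *wp = '\0';                         /* room for the NUL is always reserved */
    return result;
}

int main(void)
{
    const char *parts[] = { "use", "-after-", "realloc" };  /* constructed input */
    char *s = concat_parts(parts, 3);
    if (s != NULL)
        puts(s);
    free(s);
    return 0;
}
```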

balducci commented 2 years ago

for completeness: I see the same problem (still exposed only by gcc-12.1.0) with belle-sip:

/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/belle-sip/src/transports/tls_channel.c: In function 'belle_sip_generate_self_signed_certificate':
/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/belle-sip/include/belle-sip/utils.h:39:24: error: pointer 'name_with_path' used after 'free' [-Werror=use-after-free]
   39 | #define belle_sip_free bctbx_free
/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/belle-sip/src/transports/tls_channel.c:288:25: note: in expansion of macro 'belle_sip_free'
  288 |                         belle_sip_free(name_with_path);
      |                         ^~~~~~~~~~~~~~
/home/balducci/tmp/install-us-d/linphone-15734.d/linphone-15734/belle-sip/src/transports/tls_channel.c:283:25: note: call to 'free' here
  283 |                         free(name_with_path);
      |                         ^~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

spikelo commented 2 years ago

the same ^ :(

/home/user/aur/bctoolbox/src/utils/port.c: In function ‘bctbx_concat’:
/home/user/aur/bctoolbox/src/utils/port.c:1677:49: error: pointer ‘result’ may be used after ‘realloc’ [-Werror=use-after-free]
 1677 |                                 wp = newp + (wp - result);
      |                                             ~~~~^~~~~~~~~
/home/user/aur/bctoolbox/src/utils/port.c:1671:49: note: call to ‘realloc’ here
 1671 |                                 newp = (char *) realloc (result, allocated);
      |                                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[2]: *** [src/CMakeFiles/bctoolbox-static.dir/build.make:118: src/CMakeFiles/bctoolbox-static.dir/utils/port.c.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:140: src/CMakeFiles/bctoolbox-static.dir/all] Error 2
make: *** [Makefile:136: all] Error 2

dump:

[user@archlinux bctoolbox]$ cmake -DCMAKE_SKIP_INSTALL_RPATH=ON
CMake Warning:
  No source or binary directory provided. Both will be assumed to be the same as the current working directory, but note that this warning will become a fatal error in future CMake releases.

-- Setting install rpath to /usr/local/lib
-- MBEDTLS Enabled
-- MBEDTLS Enabled search enabled
-- Using mbedTLS
-- Using Decaf
-- DTLS SRTP not available
-- Configuring done
-- Generating done
-- Build files have been written to: /home/user/aur/bctoolbox