NLnetLabs / ldns

LDNS is a DNS library that facilitates DNS tool programming
https://nlnetlabs.nl/ldns
BSD 3-Clause "New" or "Revised" License
301 stars 99 forks source link

warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 #73

Closed noloader closed 2 years ago

noloader commented 4 years ago

Hi Everyone,

This result was produced on a 32-bit machine. It is real 32-bit hardware from the early 2000's. You can probably reproduce it in a virtual machine.

...
./libtool --tag=CC --quiet --mode=compile gcc -I. -I.  -DHAVE_CONFIG_H -DLDNS_TRUST_ANCHOR_FILE="\"/usr/local/etc/unbound/root.key\"" -Wunused-function -Wstrict-prototypes -Wwrite-strings -W -Wall -g -O2 -I/usr/local/include -c ./duration.c -o duration.lo
./duration.c: In function ‘ldns_duration2string’:
./duration.c:265:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uY", (unsigned int) duration->years);
                                 ^~
./duration.c:265:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uY", (unsigned int) duration->years);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./duration.c:271:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uM", (unsigned int) duration->months);
                                 ^~
./duration.c:271:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uM", (unsigned int) duration->months);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./duration.c:277:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uW", (unsigned int) duration->weeks);
                                 ^~
./duration.c:277:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uW", (unsigned int) duration->weeks);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./duration.c:283:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uD", (unsigned int) duration->days);
                                 ^~
./duration.c:283:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uD", (unsigned int) duration->days);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./duration.c:292:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uH", (unsigned int) duration->hours);
                                 ^~
./duration.c:292:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uH", (unsigned int) duration->hours);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./duration.c:298:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uM", (unsigned int) duration->minutes);
                                 ^~
./duration.c:298:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uM", (unsigned int) duration->minutes);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./duration.c:304:33: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=]
         snprintf(num, count+2, "%uS", (unsigned int) duration->seconds);
                                 ^~
./duration.c:304:32: note: directive argument in the range [1, 2147483647]
         snprintf(num, count+2, "%uS", (unsigned int) duration->seconds);
                                ^~~~~
In file included from /usr/include/stdio.h:862:0,
                 from ./ldns/config.h:529,
                 from ./duration.c:40:
/usr/include/i386-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 3 and 12 bytes into a destination of size 6
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
wtoorop commented 2 years ago

Resolved in ldns-1.8.0