jvoisin / fortify-headers

Standalone portable header-based implementation of FORTIFY_SOURCE=3
BSD Zero Clause License

stringop overflow warnings '__orig_snprintf' specified size ... exceeds maximum object size #68

Open ncopa opened 1 week ago

ncopa commented 1 week ago

There are some string op overflow warnings (32 bit I think):

In file included from /home/buildozer/aports/community/libindi/src/indi-2.0.9/libs/dsp/dsp.h:41,
                 from /home/buildozer/aports/community/libindi/src/indi-2.0.9/libs/dsp/file.c:20:
In function 'sprintf',
    inlined from 'dsp_file_write_fits' at /home/buildozer/aports/community/libindi/src/indi-2.0.9/libs/dsp/file.c:225:13:
/usr/include/fortify/stdio.h:303:15: warning: '__orig_snprintf' specified size 4294967295 exceeds maximum object size 2147483647 [-Wstringop-overflow=]
  303 |         __r = __orig_snprintf(__s, __b, __f, __builtin_va_arg_pack());
      |               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

When compiling the kernel this ends up as an error (64 bit example):

  CALL    /home/ncopa/aports/main/linux-lts/src/linux-6.6/scripts/checksyscalls.sh
In file included from libbpf.c:17:
In function 'sprintf',
    inlined from 'bpf_object__init_user_btf_map' at libbpf.c:2603:3,
    inlined from 'bpf_object__init_user_btf_maps' at libbpf.c:2656:9,
    inlined from 'bpf_object__init_maps' at libbpf.c:2677:8:
/usr/include/fortify/stdio.h:303:15: error: '__orig_snprintf' specified size 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
  303 |         __r = __orig_snprintf(__s, __b, __f, __builtin_va_arg_pack());
      |               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function 'bpf_object__init_user_btf_map',
    inlined from 'bpf_object__init_user_btf_maps' at libbpf.c:2656:9,
    inlined from 'bpf_object__init_maps' at libbpf.c:2677:8:
libbpf.c:2601:36: note: destination object allocated here
 2601 |                 if (!map->inner_map->name)
      |                      ~~~~~~~~~~~~~~^~~~~~
In file included from /usr/include/fortify/stdlib.h:27,
                 from libbpf.c:16:
/usr/include/fortify/stdio.h: In function 'bpf_object__init_maps':
/usr/include/fortify/stdio.h:274:1: note: in a call to function '__orig_snprintf' declared with attribute 'access (read_only, 3)'
  274 | _FORTIFY_FN(snprintf) int snprintf(char *__s, size_t __n,
      | ^~~~~~~~~~~
cc1: all warnings being treated as errors

jvoisin commented 4 days ago

This has been mitigated in c3b48c6 by disabling snprintf hardening for now.