nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Compile on 20.04 fails again #514

Closed fbatschi closed 4 years ago

fbatschi commented 4 years ago

In reference to #491

I am also trying to compile nginx 1.18 with naxsi 0.56 from master here on Ubuntu 20.04 but it fails gcc (Ubuntu 9.3.0-10ubuntu2) 9.3.0

cc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -g -O2 -fdebug-prefix-map=/tmp/nginxbuild/nginx/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC  -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs -I src/http -I src/http/modules -I src/http/v2 -I src/mail -I src/stream \
    -o objs/addon/naxsi_src/naxsi_json.o \
    ../../modules/naxsi/naxsi_src/naxsi_json.c
In file included from /usr/include/string.h:495,
                 from src/os/unix/ngx_linux_config.h:27,
                 from src/core/ngx_config.h:26,
                 from ../../modules/naxsi/naxsi_src/naxsi.h:13,
                 from ../../modules/naxsi/naxsi_src/naxsi_utils.c:7:
In function ‘strncpy’,
    inlined from ‘ngx_http_wlr_finalize_hashtables’ at ../../modules/naxsi/naxsi_src/naxsi_utils.c:665:9,
    inlined from ‘ngx_http_dummy_create_hashtables_n’ at ../../modules/naxsi/naxsi_src/naxsi_utils.c:977:7:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin___strncpy_chk’ output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../modules/naxsi/naxsi_src/naxsi_utils.c: In function ‘ngx_http_dummy_create_hashtables_n’:
../../modules/naxsi/naxsi_src/naxsi_utils.c:663:27: note: length computed here
  663 |       size_t fname_size = strlen((char *)dlc->whitelist_file->data);
      |                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[2]: *** [objs/Makefile:1876: objs/addon/naxsi_src/naxsi_utils.o] Error 1
marcinguy commented 4 years ago

@fbatschi Can you try this:

https://github.com/nbs-system/naxsi/pull/515

This is due to new GCC 8 features: https://developers.redhat.com/blog/2018/05/24/detecting-string-truncation-with-gcc-8/

fbatschi commented 4 years ago

@marcinguy Yes, this fixes my problem. Thanks!

wargio commented 4 years ago

fixed, thanks @marcinguy