search

networkupstools / nut

The Network UPS Tools repository. UPS management protocol Informational RFC 9271 published by IETF at https://www.rfc-editor.org/info/rfc9271 Please star NUT on GitHub, this helps with sponsorships!
https://networkupstools.org/
Other
2.12k stars 355 forks source link

OpenBSD builds warn about string related routines and rand() determinism #861

Open jimklimov opened 4 years ago

jimklimov commented 4 years ago

http://buildbot.networkupstools.org/public/nut/builders/OpenBSD-x64/builds/802/steps/compile/logs/warnings%20%2812%29

../../drivers/belkinunv.c:720: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:72: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:627: warning: sprintf() is often misused, please use snprintf()
../../drivers/safenet.c:374: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:700: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1242: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:192: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/nutdrv_qx_voltronic.c:3572: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:1817: warning: strcat() is almost always misused, please use strlcat()
../../drivers/tripplite_usb.c:393: warning: sprintf() is often misused, please use snprintf()
../../server/upsd.c:914: warning: rand() may return deterministic values, is that what you want?

Note for context: seems that for some string routines, NUT might use private implementations if the target systems lacks equivalents in their standard. I am not sure if those ARE used in that build, and if the compiler warning engine knows to differentiate the same-named functions.

jimklimov commented 3 years ago

As of late, due to recipe changes the OpenBSD (6.4 amd64 generic) worker in Buildbot farm fails to built NUT (issue #1190), all other system pass the build.

Last green master-branch build still reports the sort of warnings this issue is about: http://buildbot.networkupstools.org/public/nut/builders/OpenBSD-x64/builds/1038/steps/compile/logs/warnings%20%2822%29

jimklimov commented 2 years ago

Recent builds succeed again, although still with many warnings, mostly about not using safer string length-limited operations, rand/random methods, and lately about many of the sanity-checks about data ranges that vary between platforms (to check: are those covered with macros for "tautologic" checks? does build toolkit on OpenBSD honor these, and/or does it need other warning names put into pragmas?):

../../clients/upsclient.c:647: warning: comparison is always true due to limited range of data type
../../clients/upsclient.c:731: warning: comparison is always true due to limited range of data type
../../clients/upsrw.c:163: warning: comparison is always true due to limited range of data type
../../clients/upscmd.c:238: warning: comparison is always true due to limited range of data type
../../drivers/bcmxcp_ser.c:338: warning: comparison is always true due to limited range of data type
../../drivers/belkinunv.c:739: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:73: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:629: warning: sprintf() is often misused, please use snprintf()
../../drivers/microdowell.c:817: warning: comparison of unsigned expression < 0 is always false
../../drivers/microdowell.c:851: warning: comparison of unsigned expression < 0 is always false
../../drivers/libshut.c:1172: warning: comparison is always false due to limited range of data type
../../drivers/libshut.c:1173: warning: comparison is always false due to limited range of data type
../../drivers/libshut.c:1235: warning: comparison of unsigned expression < 0 is always false
../../drivers/libhid.c:570: warning: comparison is always false due to limited range of data type
../../drivers/hidparser.c:584: warning: comparison of unsigned expression < 0 is always false
../../drivers/safenet.c:375: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:711: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1246: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:687: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/libusb1.c:659: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:660: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:660: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:661: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:709: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:710: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:710: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:711: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:759: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:760: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:760: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:761: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:799: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:800: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_qx_masterguard.c:330: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:2052: warning: sprintf() is often misused, please use snprintf()
../../drivers/snmp-ups.c:2415: warning: strcat() is almost always misused, please use strlcat()
../../drivers/usbhid-ups.c:1196: warning: comparison is always true due to limited range of data type
../../drivers/libusb1.c:659: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:660: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:660: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:661: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:709: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:710: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:710: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:711: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:759: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:760: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:760: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:761: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:799: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:800: warning: comparison is always false due to limited range of data type
../../drivers/hidparser.c:584: warning: comparison is always false due to limited range of data type
../../drivers/hidparser.c:585: warning: comparison is always false due to limited range of data type
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/bcmxcp_usb.c:444: warning: sprintf() is often misused, please use snprintf()
../../drivers/tripplite_usb.c:431: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/richcomm_usb.c:123: warning: comparison is always false due to limited range of data type
../../drivers/richcomm_usb.c:151: warning: comparison is always false due to limited range of data type
../../drivers/richcomm_usb.c:395: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_atcl_usb.c:348: warning: sprintf() is often misused, please use snprintf()
../../server/netssl.c:650: warning: comparison is always true due to limited range of data type
../../server/netssl.c:683: warning: comparison is always true due to limited range of data type
../../server/upsd.c:947: warning: rand() may return deterministic values, is that what you want?
hidparser.c:584: warning: comparison is always false due to limited range of data type
hidparser.c:585: warning: comparison is always false due to limited range of data type
../../drivers/belkinunv.c:739: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:73: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:629: warning: sprintf() is often misused, please use snprintf()
../../drivers/safenet.c:375: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:711: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1246: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:687: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_qx_masterguard.c:330: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:2052: warning: sprintf() is often misused, please use snprintf()
../../drivers/snmp-ups.c:2415: warning: strcat() is almost always misused, please use strlcat()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/bcmxcp_usb.c:444: warning: sprintf() is often misused, please use snprintf()
../../drivers/tripplite_usb.c:431: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/richcomm_usb.c:395: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_atcl_usb.c:348: warning: sprintf() is often misused, please use snprintf()
../../server/upsd.c:947: warning: rand() may return deterministic values, is that what you want?
../../drivers/belkinunv.c:739: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:73: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:629: warning: sprintf() is often misused, please use snprintf()
../../drivers/safenet.c:375: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:711: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1246: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:687: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_qx_masterguard.c:330: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:2052: warning: sprintf() is often misused, please use snprintf()
../../drivers/snmp-ups.c:2415: warning: strcat() is almost always misused, please use strlcat()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/bcmxcp_usb.c:444: warning: sprintf() is often misused, please use snprintf()
../../drivers/tripplite_usb.c:431: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/richcomm_usb.c:395: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_atcl_usb.c:348: warning: sprintf() is often misused, please use snprintf()
../../drivers/belkinunv.c:739: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:73: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:629: warning: sprintf() is often misused, please use snprintf()
../../drivers/safenet.c:375: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:711: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1246: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:687: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_qx_masterguard.c:330: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:2052: warning: sprintf() is often misused, please use snprintf()
../../drivers/snmp-ups.c:2415: warning: strcat() is almost always misused, please use strlcat()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/bcmxcp_usb.c:444: warning: sprintf() is often misused, please use snprintf()
../../drivers/tripplite_usb.c:431: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/richcomm_usb.c:395: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_atcl_usb.c:348: warning: sprintf() is often misused, please use snprintf()
../../server/upsd.c:947: warning: rand() may return deterministic values, is that what you want?
../../server/upsd.c:947: warning: rand() may return deterministic values, is that what you want?
../../drivers/belkinunv.c:739: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:73: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:629: warning: sprintf() is often misused, please use snprintf()
../../drivers/safenet.c:375: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:711: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1246: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:687: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_qx_masterguard.c:330: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:2052: warning: sprintf() is often misused, please use snprintf()
../../drivers/snmp-ups.c:2415: warning: strcat() is almost always misused, please use strlcat()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/bcmxcp_usb.c:444: warning: sprintf() is often misused, please use snprintf()
../../drivers/tripplite_usb.c:431: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/richcomm_usb.c:395: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_atcl_usb.c:348: warning: sprintf() is often misused, please use snprintf()
../../drivers/belkinunv.c:739: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/gamatronic.c:73: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/masterguard.c:360: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/mge-utalk.c:629: warning: sprintf() is often misused, please use snprintf()
../../drivers/safenet.c:375: warning: random() may return deterministic values, is that what you want?
../../drivers/solis.c:711: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/upscode2.c:1246: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/apcsmart.c:687: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_qx_masterguard.c:330: warning: strcpy() is almost always misused, please use strlcpy()
../../drivers/snmp-ups.c:2052: warning: sprintf() is often misused, please use snprintf()
../../drivers/snmp-ups.c:2415: warning: strcat() is almost always misused, please use strlcat()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/bcmxcp_usb.c:444: warning: sprintf() is often misused, please use snprintf()
../../drivers/tripplite_usb.c:431: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/richcomm_usb.c:395: warning: sprintf() is often misused, please use snprintf()
../../drivers/libusb1.c:222: warning: sprintf() is often misused, please use snprintf()
../../drivers/nutdrv_atcl_usb.c:348: warning: sprintf() is often misused, please use snprintf()
../../server/upsd.c:947: warning: rand() may return deterministic values, is that what you want?
../../server/upsd.c:947: warning: rand() may return deterministic values, is that what you want?

as of http://buildbot.networkupstools.org/public/nut/builders/OpenBSD-x64/builds/1205/steps/compile/logs/warnings%20%28169%29 (nut-v2.7.4-4613-ge121856932.7.4.1.tar.gz => https://github.com/networkupstools/nut/commit/e121856938781ed307587f2b6d5740db1cd19a22 master revision)

jimklimov commented 2 years ago

An OpenBSD-6.4 worker (clang-6.0.0, gcc-4.2.1) was deployed as a regular guest in the new NUT CI farm. CI recipes and configure script warnings pre-sets were tweaked to cater for its (lack of) support for certain warnings and pragmas, effectively making warnings in builds by old gcc (4.3 or older) non-fatal by default.

The warnings/suggestions above seem to not come from compiler stack, and so do not show up in Jenkins Warnings analyzer summaries for the builds, but from the linker - it similarly notes some third-party library shared objects as using questionable methods.