In the current state bmcweb fails to build by throwing the following error(warning treated as error due to -Werror) :
/home/juliet/bmcweb/include/pam_authenticate.hpp:26:17: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
26 | std::strncpy(pass, appPass, appPassSize + 1);
| ^
/home/juliet/bmcweb/include/pam_authenticate.hpp:19:37: note: length computed here
19 | size_t appPassSize = std::strlen(appPass);
| ^
lto1: all warnings being treated as errors
-Wstringop-overflow if a gcc warning that warns for calls to string manipulation functions such as memcpy and strcpy that are determined to overflow the destination buffer. gcc seems to be over strict on how 3rd parameter(size) of strncpy() is determined , and throws a warning in these cases following the below anti-pattern:
strncpy (dest, src, strlen (src));
There is already a bug filed under gcc for the same. The initial investigation & couple of workarounds have been discussed as part of this commit , but at the moment we thought the best option to move forward is to suppress the warning until we know a concrete solution for this problem. Once we fix it , we can enforce the warning again.
In the current state bmcweb fails to build by throwing the following error(warning treated as error due to -Werror) :
-Wstringop-overflow if a gcc warning that warns for calls to string manipulation functions such as memcpy and strcpy that are determined to overflow the destination buffer. gcc seems to be over strict on how 3rd parameter(size) of strncpy() is determined , and throws a warning in these cases following the below anti-pattern:
There is already a bug filed under gcc for the same. The initial investigation & couple of workarounds have been discussed as part of this commit , but at the moment we thought the best option to move forward is to suppress the warning until we know a concrete solution for this problem. Once we fix it , we can enforce the warning again.