66 lines
2.4 KiB
Diff
66 lines
2.4 KiB
Diff
From 8633e2951d8eba59755c82ef10099ed47eafd474 Mon Sep 17 00:00:00 2001
|
|
From: Laszlo Ersek <lersek@redhat.com>
|
|
Date: Fri, 2 Mar 2018 19:09:24 +0100
|
|
Subject: [PATCH 3/3] BaseTools/GenVtf: silence false "stringop-overflow"
|
|
warning with memcpy()
|
|
|
|
gcc-8 (which is part of Fedora 28) enables the new warning
|
|
"-Wstringop-overflow" in "-Wall". This warning is documented in detail at
|
|
<https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html>; the
|
|
introduction says
|
|
|
|
> Warn for calls to string manipulation functions such as memcpy and
|
|
> strcpy that are determined to overflow the destination buffer.
|
|
|
|
It breaks the BaseTools build with:
|
|
|
|
> GenVtf.c: In function 'ConvertVersionInfo':
|
|
> GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length
|
|
> of the source argument [-Werror=stringop-overflow=]
|
|
> strncpy (TemStr + 4 - Length, Str, Length);
|
|
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
> GenVtf.c:130:14: note: length computed here
|
|
> Length = strlen(Str);
|
|
> ^~~~~~~~~~~
|
|
|
|
It is a false positive because, while the bound equals the length of the
|
|
source argument, the destination pointer is moved back towards the
|
|
beginning of the destination buffer by the same amount (and this amount is
|
|
range-checked first, so we can't precede the start of the dest buffer).
|
|
|
|
Replace both strncpy() calls with memcpy().
|
|
|
|
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
|
|
Cc: Cole Robinson <crobinso@redhat.com>
|
|
Cc: Liming Gao <liming.gao@intel.com>
|
|
Cc: Paolo Bonzini <pbonzini@redhat.com>
|
|
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
|
|
Reported-by: Cole Robinson <crobinso@redhat.com>
|
|
Contributed-under: TianoCore Contribution Agreement 1.1
|
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
Message-Id: <20180302180924.4312-4-lersek@redhat.com>
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
---
|
|
BaseTools/Source/C/GenVtf/GenVtf.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c
|
|
index 2ae9a7be2c..0cd33e71e9 100644
|
|
--- a/BaseTools/Source/C/GenVtf/GenVtf.c
|
|
+++ b/BaseTools/Source/C/GenVtf/GenVtf.c
|
|
@@ -129,9 +129,9 @@ Returns:
|
|
} else {
|
|
Length = strlen(Str);
|
|
if (Length < 4) {
|
|
- strncpy (TemStr + 4 - Length, Str, Length);
|
|
+ memcpy (TemStr + 4 - Length, Str, Length);
|
|
} else {
|
|
- strncpy (TemStr, Str + Length - 4, 4);
|
|
+ memcpy (TemStr, Str + Length - 4, 4);
|
|
}
|
|
|
|
sscanf (
|
|
--
|
|
2.14.3
|
|
|