[gdb/build] Fix Wstringop-truncation in coff_getfilename
Commit Message
When building gdb with -O2 -fsanitize-threads, I ran into
a Werror=stringop-truncation.
The problem is here in coff_getfilename in coffread.c:
...
strncpy (buffer, aux_entry->x_file.x_n.x_fname, FILNMLEN);
buffer[FILNMLEN] = '\0';
...
The constant FILNMLEN is expected to designate the size of
aux_entry->x_file.x_n.x_fname, but that's no longer the case since commit
60ebc257517 ("Fixes a buffer overflow when compiling assembler for the MinGW
targets.").
Fix this by using "sizeof (aux_entry->x_file.x_n.x_fname)" instead.
Likewise in xcoffread.c.
Tested on x86_64-linux.
PR build/30669
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30669
---
gdb/coffread.c | 5 +++--
gdb/xcoffread.c | 5 +++--
2 files changed, 6 insertions(+), 4 deletions(-)
base-commit: 477c9f2ba26ccd77016f2c97941fc8b35e332e35
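The mismatch described in the commit message, as an added example that is not gdb's or binutils' code: a bound taken from a length macro stops tracking the field once the field is resized, while `sizeof` on the field cannot drift. The struct, the `demo_` names and the widths 14 and 18 are constructed for illustration, and a macro smaller than the field is an assumption of this example.

```c
#include <stdio.h>
#include <string.h>

#define DEMO_NAMELEN 14          /* constructed legacy constant, now stale */

struct demo_auxent
{
  char x_fname[18];              /* constructed: field widened, macro was not */
};

/* Bound taken from the stale macro: a name that fills the field is
   silently cut to DEMO_NAMELEN bytes.  DST must hold DEMO_NAMELEN + 1.  */
size_t
demo_copy_stale (char *dst, const struct demo_auxent *aux)
{
  memcpy (dst, aux->x_fname, DEMO_NAMELEN);
  dst[DEMO_NAMELEN] = '\0';
  return strlen (dst);
}

/* Bound taken from the field itself.  The field is fixed width and has
   no NUL when the name fills it, so the terminator is written separately.
   Returns (size_t) -1 if DST cannot hold the field plus the terminator.  */
size_t
demo_copy_fname (char *dst, size_t dst_size, const struct demo_auxent *aux)
{
  size_t field_len = sizeof (aux->x_fname);

  if (dst_size < field_len + 1)
    return (size_t) -1;
  memcpy (dst, aux->x_fname, field_len);
  dst[field_len] = '\0';
  return strlen (dst);
}

int
main (void)
{
  struct demo_auxent aux;
  char out[32];

  /* Constructed sample: an 18-byte name that fills the field exactly.  */
  memcpy (aux.x_fname, "abcdefghijklmnopqr", sizeof (aux.x_fname));
  printf ("stale bound:  %zu bytes\n", demo_copy_stale (out, &aux));
  printf ("sizeof bound: %zu bytes\n", demo_copy_fname (out, sizeof (out), &aux));
  return 0;
}
```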
Comments
>>>>> "Tom" == Tom de Vries via Gdb-patches <gdb-patches@sourceware.org> writes:
Tom> When building gdb with -O2 -fsanitize-threads, I ran into
Tom> a Werror=stringop-truncation.
...
Tom> Fix this by using "sizeof (aux_entry->x_file.x_n.x_fname)" instead.
Tom> Likewise in xcoffread.c.
Tom> Tested on x86_64-linux.
This seems fine to me. I wonder why this code is using a fixed-size
buffer, but your fix is clearly an improvement anyway.
Approved-By: Tom Tromey <tom@tromey.com>
Tom
@@ -1371,8 +1371,9 @@ coff_getfilename (union internal_auxent *aux_entry)
}
else
{
- strncpy (buffer, aux_entry->x_file.x_n.x_fname, FILNMLEN);
- buffer[FILNMLEN] = '\0';
+ size_t x_fname_len = sizeof (aux_entry->x_file.x_n.x_fname);
+ strncpy (buffer, aux_entry->x_file.x_n.x_fname, x_fname_len);
+ buffer[x_fname_len] = '\0';
}
result = buffer;
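Review bot: The store `buffer[x_fname_len] = '\0';` in the else branch is only in bounds if buffer holds at least sizeof (aux_entry->x_file.x_n.x_fname) + 1 bytes, and buffer's declaration is not visible in this hunk. Now that the bound follows the field's declared size rather than FILNMLEN, a compile-time check next to the copy, for example a static assertion that sizeof (buffer) > sizeof (aux_entry->x_file.x_n.x_fname), would keep a later widening of x_fname from turning this into an out-of-bounds write.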
@@ -1598,8 +1598,9 @@ coff_getfilename (union internal_auxent *aux_entry, struct objfile *objfile)
+ aux_entry->x_file.x_n.x_n.x_offset));
else
{
- strncpy (buffer, aux_entry->x_file.x_n.x_fname, FILNMLEN);
- buffer[FILNMLEN] = '\0';
+ size_t x_fname_len = sizeof (aux_entry->x_file.x_n.x_fname);
+ strncpy (buffer, aux_entry->x_file.x_n.x_fname, x_fname_len);
+ buffer[x_fname_len] = '\0';
}
return (buffer);
}
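Review bot: The three added lines in this else branch are identical to the ones added in the other coff_getfilename, so the two copies can drift apart again the way FILNMLEN and x_fname did. Consider a small shared helper for copying x_fname, or at least a comment on the strncpy saying that x_fname is treated as a fixed-width field that may not be NUL-terminated, which is why the full sizeof is the bound and the terminator is written separately.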