-Werror=stringop-overflow= in src/nm-sstp-pppd-plugin.c
felixonmars opened this issue · comments
In file included from /usr/include/string.h:519,
from /usr/include/glib-2.0/glib/gslice.h:26,
from /usr/include/glib-2.0/glib.h:79,
from /usr/include/glib-2.0/gobject/gbinding.h:28,
from /usr/include/glib-2.0/glib-object.h:22,
from /usr/include/glib-2.0/gio/gioenums.h:28,
from /usr/include/glib-2.0/gio/giotypes.h:28,
from /usr/include/glib-2.0/gio/gio.h:26,
from ./shared/nm-utils/nm-glib.h:24,
from ./shared/nm-default.h:48,
from src/nm-sstp-pppd-plugin.c:34:
In function ‘strncpy’,
inlined from ‘get_credentials’ at src/nm-sstp-pppd-plugin.c:551:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/nm-sstp-pppd-plugin.c: In function ‘get_credentials’:
src/nm-sstp-pppd-plugin.c:548:9: note: length computed here
548 | len = strlen (my_username) + 1;
| ^~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/string.h:519,
from /usr/include/glib-2.0/glib/gslice.h:26,
from /usr/include/glib-2.0/glib.h:79,
from /usr/include/glib-2.0/gobject/gbinding.h:28,
from /usr/include/glib-2.0/glib-object.h:22,
from /usr/include/glib-2.0/gio/gioenums.h:28,
from /usr/include/glib-2.0/gio/giotypes.h:28,
from /usr/include/glib-2.0/gio/gio.h:26,
from ./shared/nm-utils/nm-glib.h:24,
from ./shared/nm-default.h:48,
from src/nm-sstp-pppd-plugin.c:34:
In function ‘strncpy’,
inlined from ‘get_credentials’ at src/nm-sstp-pppd-plugin.c:559:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/nm-sstp-pppd-plugin.c: In function ‘get_credentials’:
src/nm-sstp-pppd-plugin.c:556:9: note: length computed here
556 | len = strlen (my_password) + 1;
| ^~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[2]: *** [Makefile:1243: src/nm_sstp_pppd_plugin_la-nm-sstp-pppd-plugin.lo] Error 1
What version of the code are you looking at? Currently, the function get_credentials() doesn't exist and got replaced with the current implementation:
/**
* Invoke Network Manager to extract the secret saved for this connection
*/
static int
nm_get_credentials (char *username, char *password)
{
const char *my_username = NULL;
const char *my_password = NULL;
GVariant *ret;
GError *error = NULL;
if (!password) {
/* pppd is checking pap support; return 1 for supported */
g_return_val_if_fail (username, -1);
return 1;
}
g_return_val_if_fail (username, -1);
g_return_val_if_fail (G_IS_DBUS_PROXY (gl.proxy), -1);
_LOGI ("passwd-hook: requesting credentials...");
ret = g_dbus_proxy_call_sync (gl.proxy,
"NeedSecrets",
NULL,
G_DBUS_CALL_FLAGS_NONE, -1,
NULL, &error);
if (!ret) {
_LOGW ("passwd-hook: could not get secrets: %s",
error->message);
g_error_free (error);
return -1;
}
_LOGI ("passwd-hook: got credentials from NetworkManager-sstp");
g_variant_get (ret, "(&s&s)", &my_username, &my_password);
if (my_username)
g_strlcpy (username, my_username, MAXNAMELEN);
if (my_password)
g_strlcpy (password, my_password, MAXNAMELEN);
g_variant_unref (ret);
return 1;
}
Closing this issue for now, but if you find that the current code in branch still exhibit this behaviour, please re-open the issue again.
It's present in the latest release (1.2.6) and I got it when building for Arch. Hopefully there will be a new release soon :)
I am working on a new release, but the latest from Arch Linux may be older. Are you the maintainer for Arch Linux?
På onsdag 27. januar 2021, 08:15:47 PST skrev Felix Yan <notifications@github.com> følgende:
It's present in the latest release (1.2.6) and I got it when building for Arch. Hopefully there will be a new release soon :)
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub, or unsubscribe.
I am working on a new release, but the latest from Arch Linux may be older. Are you the maintainer for Arch Linux?
Yes I am.