-Werror=stringop-overflow= in src/nm-sstp-pppd-plugin.c

Question

-Werror=stringop-overflow= in src/nm-sstp-pppd-plugin.c

felixonmars opened this issue 3 years ago · comments

In file included from /usr/include/string.h:519,
                 from /usr/include/glib-2.0/glib/gslice.h:26,
                 from /usr/include/glib-2.0/glib.h:79,
                 from /usr/include/glib-2.0/gobject/gbinding.h:28,
                 from /usr/include/glib-2.0/glib-object.h:22,
                 from /usr/include/glib-2.0/gio/gioenums.h:28,
                 from /usr/include/glib-2.0/gio/giotypes.h:28,
                 from /usr/include/glib-2.0/gio/gio.h:26,
                 from ./shared/nm-utils/nm-glib.h:24,
                 from ./shared/nm-default.h:48,
                 from src/nm-sstp-pppd-plugin.c:34:
In function ‘strncpy’,
    inlined from ‘get_credentials’ at src/nm-sstp-pppd-plugin.c:551:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/nm-sstp-pppd-plugin.c: In function ‘get_credentials’:
src/nm-sstp-pppd-plugin.c:548:9: note: length computed here
  548 |   len = strlen (my_username) + 1;
      |         ^~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/string.h:519,
                 from /usr/include/glib-2.0/glib/gslice.h:26,
                 from /usr/include/glib-2.0/glib.h:79,
                 from /usr/include/glib-2.0/gobject/gbinding.h:28,
                 from /usr/include/glib-2.0/glib-object.h:22,
                 from /usr/include/glib-2.0/gio/gioenums.h:28,
                 from /usr/include/glib-2.0/gio/giotypes.h:28,
                 from /usr/include/glib-2.0/gio/gio.h:26,
                 from ./shared/nm-utils/nm-glib.h:24,
                 from ./shared/nm-default.h:48,
                 from src/nm-sstp-pppd-plugin.c:34:
In function ‘strncpy’,
    inlined from ‘get_credentials’ at src/nm-sstp-pppd-plugin.c:559:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/nm-sstp-pppd-plugin.c: In function ‘get_credentials’:
src/nm-sstp-pppd-plugin.c:556:9: note: length computed here
  556 |   len = strlen (my_password) + 1;
      |         ^~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[2]: *** [Makefile:1243: src/nm_sstp_pppd_plugin_la-nm-sstp-pppd-plugin.lo] Error 1

Eivind Næss · Answer 1 · Wed Jan 27 2021 23:45:58 GMT+0800 (China Standard Time)

What version of the code are you looking at? Currently, the function get_credentials() doesn't exist and got replaced with the current implementation:

/**
 * Invoke Network Manager to extract the secret saved for this connection
 */
static int
nm_get_credentials (char *username, char *password)
{
    const char *my_username = NULL;
    const char *my_password = NULL;
    GVariant *ret;
    GError *error = NULL;

    if (!password) {
        /* pppd is checking pap support; return 1 for supported */
        g_return_val_if_fail (username, -1);
        return 1;
    }

    g_return_val_if_fail (username, -1);
    g_return_val_if_fail (G_IS_DBUS_PROXY (gl.proxy), -1);

    _LOGI ("passwd-hook: requesting credentials...");

    ret = g_dbus_proxy_call_sync (gl.proxy,
                                  "NeedSecrets",
                                  NULL,
                                  G_DBUS_CALL_FLAGS_NONE, -1,
                                  NULL, &error);
    if (!ret) {
        _LOGW ("passwd-hook: could not get secrets: %s",
                   error->message);
        g_error_free (error);
        return -1;
    }
    
    _LOGI ("passwd-hook: got credentials from NetworkManager-sstp");
    
    g_variant_get (ret, "(&s&s)", &my_username, &my_password);

    if (my_username)
        g_strlcpy (username, my_username, MAXNAMELEN);

    if (my_password)
        g_strlcpy (password, my_password, MAXNAMELEN);

    g_variant_unref (ret);

    return 1;
}

Closing this issue for now, but if you find that the current code in branch still exhibit this behaviour, please re-open the issue again.

Felix Yan · Answer 2 · Thu Jan 28 2021 00:15:29 GMT+0800 (China Standard Time)

It's present in the latest release (1.2.6) and I got it when building for Arch. Hopefully there will be a new release soon :)

Eivind Næss · Answer 3 · Thu Jan 28 2021 00:24:00 GMT+0800 (China Standard Time)

I am working on a new release, but the latest from Arch Linux may be older. Are you the maintainer for Arch Linux? På onsdag 27. januar 2021, 08:15:47 PST skrev Felix Yan <notifications@github.com> følgende: It's present in the latest release (1.2.6) and I got it when building for Arch. Hopefully there will be a new release soon :) — You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub, or unsubscribe.

Felix Yan · Answer 4 · Thu Jan 28 2021 00:36:21 GMT+0800 (China Standard Time)

I am working on a new release, but the latest from Arch Linux may be older. Are you the maintainer for Arch Linux?

Yes I am.