The compiling option __FORTIFY_SOURCE=2 introduced
a false ***buffer overflow*** detection when the
flexible array 'pattern' was initilized in globset.
The compiler is only complaining when the array is
in a struct that is in a struct like
struct { ...; struct { ...; char name[1]; }}
To avoid these false detections, it is enougth
to ellipsese the dimension of the array. Seems
to be the now standard way of declaring flexible
arrays when it was before an extension. So now:
struct { ...; struct { ...; char name[]; }}
works even when __FORTIFY_SOURCE=2.
Bug-AGL: SPEC-2292
Change-Id: I4b4a5df505a5357f92b9ab1657175911198ca582
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
12 files changed:
%build
export PKG_CONFIG_PATH=%{_libdir}/pkgconfig
%build
export PKG_CONFIG_PATH=%{_libdir}/pkgconfig
-%cmake -DAGL_DEVEL=1 -DINCLUDE_MONITORING=ON -DCMAKE_C_FLAGS="-D_FORTIFY_SOURCE=1"
+%cmake -DAGL_DEVEL=1 -DINCLUDE_MONITORING=ON"
struct afb_cred *cred;
/* the origin */
struct afb_cred *cred;
/* the origin */
};
/* get the credentials for the message */
};
/* get the credentials for the message */
}
/* not found, create it */
}
/* not found, create it */
- origin = malloc(strlen(sender) + sizeof *origin);
+ origin = malloc(strlen(sender) + 1 + sizeof *origin);
if (origin == NULL)
errno = ENOMEM;
else {
if (origin == NULL)
errno = ENOMEM;
else {
struct afb_apiset *apiset; /* the apiset for calling */
struct fdev *fdev; /* fdev handler */
uint16_t offapi; /* api name of the interface */
struct afb_apiset *apiset; /* the apiset for calling */
struct fdev *fdev; /* fdev handler */
uint16_t offapi; /* api name of the interface */
- char uri[1]; /* the uri of the server socket */
+ char uri[]; /* the uri of the server socket */
};
/******************************************************************************/
};
/******************************************************************************/
/* make the structure */
lapi = strlen(api);
extra = luri == (api - uri) + lapi ? 0 : lapi + 1;
/* make the structure */
lapi = strlen(api);
extra = luri == (api - uri) + lapi ? 0 : lapi + 1;
- apiws = malloc(sizeof * apiws + luri + extra);
+ apiws = malloc(sizeof * apiws + 1 + luri + extra);
if (!apiws) {
ERROR("out of memory");
errno = ENOMEM;
if (!apiws) {
ERROR("out of memory");
errno = ENOMEM;
{
struct api_alias *next;
struct api_desc *api;
{
struct api_alias *next;
struct api_desc *api;
{
struct api_class *next;
struct api_array providers;
{
struct api_class *next;
struct api_array providers;
struct api_depend
{
struct afb_apiset *set;
struct api_depend
{
struct afb_apiset *set;
} onlack; /** not found handler */
int timeout; /**< the timeout in second for the apiset */
int refcount; /**< reference count for freeing resources */
} onlack; /** not found handler */
int timeout; /**< the timeout in second for the apiset */
int refcount; /**< reference count for freeing resources */
- char name[1]; /**< name of the apiset */
+ char name[]; /**< name of the apiset */
if (!create)
return NULL;
if (!create)
return NULL;
- c = calloc(1, strlen(name) + sizeof *c);
+ c = calloc(1, strlen(name) + 1 + sizeof *c);
if (!c)
errno = ENOMEM;
else {
if (!c)
errno = ENOMEM;
else {
{
struct afb_apiset *set;
{
struct afb_apiset *set;
- set = calloc(1, (name ? strlen(name) : 0) + sizeof *set);
+ set = calloc(1, (name ? strlen(name) : 0) + 1 + sizeof *set);
if (set) {
set->timeout = timeout;
set->refcount = 1;
if (set) {
set->timeout = timeout;
set->refcount = 1;
}
/* allocates and init the struct */
}
/* allocates and init the struct */
- ali = malloc(sizeof *ali + strlen(alias));
+ ali = malloc(sizeof *ali + strlen(alias) + 1);
if (ali == NULL) {
ERROR("out of memory");
errno = ENOMEM;
if (ali == NULL) {
ERROR("out of memory");
errno = ENOMEM;
if (!a)
errno = ENOENT;
else {
if (!a)
errno = ENOENT;
else {
- d = malloc(strlen(required) + sizeof *d);
+ d = malloc(strlen(required) + 1 + sizeof *d);
if (!d)
errno = ENOMEM;
else {
if (!d)
errno = ENOMEM;
else {
int id;
/* fullname of the event */
int id;
/* fullname of the event */
/* allocates the event */
len = strlen(fullname);
/* allocates the event */
len = strlen(fullname);
- evtid = malloc(len + sizeof * evtid);
+ evtid = malloc(len + 1 + sizeof * evtid);
if (evtid == NULL)
goto error;
if (evtid == NULL)
goto error;
} export;
/* initial name */
} export;
/* initial name */
};
/*****************************************************************************/
};
/*****************************************************************************/
return NULL;
}
lenapi = strlen(apiname);
return NULL;
}
lenapi = strlen(apiname);
- export = calloc(1, sizeof *export + lenapi + (path == apiname || !path ? 0 : strlen(path)));
+ export = calloc(1, sizeof *export + 1 + lenapi + (path == apiname || !path ? 0 : strlen(path)));
if (!export)
errno = ENOMEM;
else {
if (!export)
errno = ENOMEM;
else {
struct hsrv_itf *next;
struct afb_hsrv *hsrv;
struct fdev *fdev;
struct hsrv_itf *next;
struct afb_hsrv *hsrv;
struct fdev *fdev;
- itf = malloc(sizeof *itf + strlen(uri));
+ itf = malloc(sizeof *itf + 1 + strlen(uri));
if (itf == NULL)
return -1;
if (itf == NULL)
return -1;
uint8_t is_client;
/* the api name */
uint8_t is_client;
/* the api name */
};
static struct afb_proto_ws *afb_stub_ws_create_proto(struct afb_stub_ws *stubws, struct fdev *fdev, uint8_t server);
};
static struct afb_proto_ws *afb_stub_ws_create_proto(struct afb_stub_ws *stubws, struct fdev *fdev, uint8_t server);
{
struct afb_stub_ws *stubws;
{
struct afb_stub_ws *stubws;
- stubws = calloc(1, sizeof *stubws + strlen(apiname));
+ stubws = calloc(1, sizeof *stubws + 1 + strlen(apiname));
if (stubws == NULL)
errno = ENOMEM;
else {
if (stubws == NULL)
errno = ENOMEM;
else {
/* struct for tags */
struct tag {
struct tag *next; /* link to the next */
/* struct for tags */
struct tag {
struct tag *next; /* link to the next */
- char tag[1]; /* name of the tag */
+ char tag[]; /* name of the tag */
};
/* struct for events */
};
/* struct for events */
if (!tag && alloc) {
/* creation if needed */
if (!tag && alloc) {
/* creation if needed */
- tag = malloc(sizeof * tag + strlen(name));
+ tag = malloc(sizeof * tag + 1 + strlen(name));
if (tag) {
strcpy(tag->tag, name);
tag->next = trace->tags;
if (tag) {
strcpy(tag->tag, name);
tag->next = trace->tags;
}
/* not found, create it */
}
/* not found, create it */
- ph = malloc(len + sizeof *ph);
+ ph = malloc(1 + len + sizeof *ph);
void *closure;
/* the pattern */
void *closure;
/* the pattern */
struct locale_folder {
struct locale_folder *parent;
size_t length;
struct locale_folder {
struct locale_folder *parent;
size_t length;
};
struct locale_container {
};
struct locale_container {
struct locale_root *root;
struct locale_search_node *head;
int refcount;
struct locale_root *root;
struct locale_search_node *head;
int refcount;
if (folders != NULL) {
container->folders = folders;
length = strlen(name);
if (folders != NULL) {
container->folders = folders;
length = strlen(name);
- folders[count] = malloc(sizeof **folders + length);
+ folders[count] = malloc(sizeof **folders + 1 + length);
if (folders[count] != NULL) {
folders[count]->parent = NULL;
folders[count]->length = length;
if (folders[count] != NULL) {
folders[count]->parent = NULL;
folders[count]->length = length;
struct locale_search_node *node;
/* allocate the structure */
struct locale_search_node *node;
/* allocate the structure */
- search = malloc(sizeof *search + length);
+ search = malloc(sizeof *search + 1 + length);
if (search == NULL) {
errno = ENOMEM;
} else {
if (search == NULL) {
errno = ENOMEM;
} else {