From: José Bollo Date: Tue, 2 Apr 2019 14:49:09 +0000 (+0200) Subject: Fix false ***buffer overflow*** detection X-Git-Tag: 7.99.1~18 X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?p=src%2Fapp-framework-binder.git;a=commitdiff_plain;h=60cd11786766ebc148b7ec088962dd6e112f8762 Fix false ***buffer overflow*** detection The compiling option __FORTIFY_SOURCE=2 introduced a false ***buffer overflow*** detection when the flexible array 'pattern' was initilized in globset. The compiler is only complaining when the array is in a struct that is in a struct like struct { ...; struct { ...; char name[1]; }} To avoid these false detections, it is enougth to ellipsese the dimension of the array. Seems to be the now standard way of declaring flexible arrays when it was before an extension. So now: struct { ...; struct { ...; char name[]; }} works even when __FORTIFY_SOURCE=2. Bug-AGL: SPEC-2292 Change-Id: I4b4a5df505a5357f92b9ab1657175911198ca582 Signed-off-by: José Bollo --- diff --git a/conf.d/packaging/rpm/agl-app-framework-binder.spec b/conf.d/packaging/rpm/agl-app-framework-binder.spec index 150fd9f6..e41fd964 100644 --- a/conf.d/packaging/rpm/agl-app-framework-binder.spec +++ b/conf.d/packaging/rpm/agl-app-framework-binder.spec @@ -57,7 +57,7 @@ This service is evolving permanently and is only designed as a helper for develo %build export PKG_CONFIG_PATH=%{_libdir}/pkgconfig -%cmake -DAGL_DEVEL=1 -DINCLUDE_MONITORING=ON -DCMAKE_C_FLAGS="-D_FORTIFY_SOURCE=1" +%cmake -DAGL_DEVEL=1 -DINCLUDE_MONITORING=ON" %__make %{?_smp_mflags} diff --git a/src/afb-api-dbus.c b/src/afb-api-dbus.c index 562465e2..1f254d16 100644 --- a/src/afb-api-dbus.c +++ b/src/afb-api-dbus.c @@ -666,7 +666,7 @@ struct origin struct afb_cred *cred; /* the origin */ - char name[1]; + char name[]; }; /* get the credentials for the message */ @@ -710,7 +710,7 @@ static struct origin *afb_api_dbus_server_origin_get(struct api_dbus *api, const } /* not found, create it */ - origin = malloc(strlen(sender) + sizeof *origin); + origin = malloc(strlen(sender) + 1 + sizeof *origin); if (origin == NULL) errno = ENOMEM; else { diff --git a/src/afb-api-ws.c b/src/afb-api-ws.c index b9219d0e..3d2445ac 100644 --- a/src/afb-api-ws.c +++ b/src/afb-api-ws.c @@ -43,7 +43,7 @@ struct api_ws_server struct afb_apiset *apiset; /* the apiset for calling */ struct fdev *fdev; /* fdev handler */ uint16_t offapi; /* api name of the interface */ - char uri[1]; /* the uri of the server socket */ + char uri[]; /* the uri of the server socket */ }; /******************************************************************************/ @@ -206,7 +206,7 @@ int afb_api_ws_add_server(const char *uri, struct afb_apiset *declare_set, struc /* make the structure */ lapi = strlen(api); extra = luri == (api - uri) + lapi ? 0 : lapi + 1; - apiws = malloc(sizeof * apiws + luri + extra); + apiws = malloc(sizeof * apiws + 1 + luri + extra); if (!apiws) { ERROR("out of memory"); errno = ENOMEM; diff --git a/src/afb-apiset.c b/src/afb-apiset.c index 468a3646..16ded968 100644 --- a/src/afb-apiset.c +++ b/src/afb-apiset.c @@ -73,7 +73,7 @@ struct api_alias { struct api_alias *next; struct api_desc *api; - char name[1]; + char name[]; }; /** @@ -83,7 +83,7 @@ struct api_class { struct api_class *next; struct api_array providers; - char name[1]; + char name[]; }; /** @@ -92,7 +92,7 @@ struct api_class struct api_depend { struct afb_apiset *set; - char name[1]; + char name[]; }; /** @@ -110,7 +110,7 @@ struct afb_apiset } onlack; /** not found handler */ int timeout; /**< the timeout in second for the apiset */ int refcount; /**< reference count for freeing resources */ - char name[1]; /**< name of the apiset */ + char name[]; /**< name of the apiset */ }; /** @@ -215,7 +215,7 @@ static struct api_class *class_search(const char *name, int create) if (!create) return NULL; - c = calloc(1, strlen(name) + sizeof *c); + c = calloc(1, strlen(name) + 1 + sizeof *c); if (!c) errno = ENOMEM; else { @@ -341,7 +341,7 @@ struct afb_apiset *afb_apiset_create(const char *name, int timeout) { struct afb_apiset *set; - set = calloc(1, (name ? strlen(name) : 0) + sizeof *set); + set = calloc(1, (name ? strlen(name) : 0) + 1 + sizeof *set); if (set) { set->timeout = timeout; set->refcount = 1; @@ -545,7 +545,7 @@ int afb_apiset_add_alias(struct afb_apiset *set, const char *name, const char *a } /* allocates and init the struct */ - ali = malloc(sizeof *ali + strlen(alias)); + ali = malloc(sizeof *ali + strlen(alias) + 1); if (ali == NULL) { ERROR("out of memory"); errno = ENOMEM; @@ -1079,7 +1079,7 @@ int afb_apiset_require(struct afb_apiset *set, const char *name, const char *req if (!a) errno = ENOENT; else { - d = malloc(strlen(required) + sizeof *d); + d = malloc(strlen(required) + 1 + sizeof *d); if (!d) errno = ENOMEM; else { diff --git a/src/afb-evt.c b/src/afb-evt.c index 0467bef1..a75cbbcc 100644 --- a/src/afb-evt.c +++ b/src/afb-evt.c @@ -86,7 +86,7 @@ struct afb_evtid { int id; /* fullname of the event */ - char fullname[1]; + char fullname[]; }; /* @@ -296,7 +296,7 @@ struct afb_evtid *afb_evt_evtid_create(const char *fullname) /* allocates the event */ len = strlen(fullname); - evtid = malloc(len + sizeof * evtid); + evtid = malloc(len + 1 + sizeof * evtid); if (evtid == NULL) goto error; diff --git a/src/afb-export.c b/src/afb-export.c index 8ebe8e06..b46e6a08 100644 --- a/src/afb-export.c +++ b/src/afb-export.c @@ -170,7 +170,7 @@ struct afb_export } export; /* initial name */ - char name[1]; + char name[]; }; /*****************************************************************************/ @@ -1372,7 +1372,7 @@ static struct afb_export *create( return NULL; } lenapi = strlen(apiname); - export = calloc(1, sizeof *export + lenapi + (path == apiname || !path ? 0 : strlen(path))); + export = calloc(1, sizeof *export + 1 + lenapi + (path == apiname || !path ? 0 : strlen(path))); if (!export) errno = ENOMEM; else { diff --git a/src/afb-hsrv.c b/src/afb-hsrv.c index ed0adeeb..3f11047e 100644 --- a/src/afb-hsrv.c +++ b/src/afb-hsrv.c @@ -56,7 +56,7 @@ struct hsrv_itf { struct hsrv_itf *next; struct afb_hsrv *hsrv; struct fdev *fdev; - char uri[1]; + char uri[]; }; struct hsrv_handler { @@ -562,7 +562,7 @@ int afb_hsrv_add_interface(struct afb_hsrv *hsrv, const char *uri) { struct hsrv_itf *itf; - itf = malloc(sizeof *itf + strlen(uri)); + itf = malloc(sizeof *itf + 1 + strlen(uri)); if (itf == NULL) return -1; diff --git a/src/afb-stub-ws.c b/src/afb-stub-ws.c index b362c127..3c28871c 100644 --- a/src/afb-stub-ws.c +++ b/src/afb-stub-ws.c @@ -145,7 +145,7 @@ struct afb_stub_ws uint8_t is_client; /* the api name */ - char apiname[1]; + char apiname[]; }; static struct afb_proto_ws *afb_stub_ws_create_proto(struct afb_stub_ws *stubws, struct fdev *fdev, uint8_t server); @@ -673,7 +673,7 @@ static struct afb_stub_ws *afb_stub_ws_create(struct fdev *fdev, const char *api { struct afb_stub_ws *stubws; - stubws = calloc(1, sizeof *stubws + strlen(apiname)); + stubws = calloc(1, sizeof *stubws + 1 + strlen(apiname)); if (stubws == NULL) errno = ENOMEM; else { diff --git a/src/afb-trace.c b/src/afb-trace.c index 802015fa..0de78da5 100644 --- a/src/afb-trace.c +++ b/src/afb-trace.c @@ -67,7 +67,7 @@ /* struct for tags */ struct tag { struct tag *next; /* link to the next */ - char tag[1]; /* name of the tag */ + char tag[]; /* name of the tag */ }; /* struct for events */ @@ -1073,7 +1073,7 @@ static struct tag *trace_get_tag(struct afb_trace *trace, const char *name, int if (!tag && alloc) { /* creation if needed */ - tag = malloc(sizeof * tag + strlen(name)); + tag = malloc(sizeof * tag + 1 + strlen(name)); if (tag) { strcpy(tag->tag, name); tag->next = trace->tags; diff --git a/src/globset.c b/src/globset.c index 2bad449f..5e414ddf 100644 --- a/src/globset.c +++ b/src/globset.c @@ -323,7 +323,7 @@ int globset_add( } /* not found, create it */ - ph = malloc(len + sizeof *ph); + ph = malloc(1 + len + sizeof *ph); if (!ph) return -1; diff --git a/src/globset.h b/src/globset.h index 58cbd3de..85fdd192 100644 --- a/src/globset.h +++ b/src/globset.h @@ -26,7 +26,7 @@ struct globset_handler void *closure; /* the pattern */ - char pattern[1]; + char pattern[]; }; struct globset; diff --git a/src/locale-root.c b/src/locale-root.c index fa620fee..4d141b86 100644 --- a/src/locale-root.c +++ b/src/locale-root.c @@ -47,7 +47,7 @@ static const char locales[] = "locales/"; struct locale_folder { struct locale_folder *parent; size_t length; - char name[1]; + char name[]; }; struct locale_container { @@ -67,7 +67,7 @@ struct locale_search { struct locale_root *root; struct locale_search_node *head; int refcount; - char definition[1]; + char definition[]; }; struct locale_root { @@ -102,7 +102,7 @@ static int add_folder(struct locale_container *container, const char *name) if (folders != NULL) { container->folders = folders; length = strlen(name); - folders[count] = malloc(sizeof **folders + length); + folders[count] = malloc(sizeof **folders + 1 + length); if (folders[count] != NULL) { folders[count]->parent = NULL; folders[count]->length = length; @@ -362,7 +362,7 @@ static struct locale_search *create_search(struct locale_root *root, const char struct locale_search_node *node; /* allocate the structure */ - search = malloc(sizeof *search + length); + search = malloc(sizeof *search + 1 + length); if (search == NULL) { errno = ENOMEM; } else {