| Age | Commit message (Collapse) | Author |
|---|
|
|
|
It seems that annotating sprintf with `write` makes gcc unhappy, as its
analyser is unable to understand that we're checking if `__b != -1` before
calling `__orig_snprintf`, so let's comment this annotation for now.
|
|
In the same spirit as the previous commit.
Reported-by: ncopa
|
|
This fix the following issue:
```
In file included from exec-cmd.c:9:
In function 'vsnprintf',
inlined from 'report.constprop' at subcmd-util.h:13:2:
/usr/include/fortify/stdio.h:162:16: error: 'msg' may be used uninitialized [-Werror=maybe-uninitialized]
162 | return __orig_vsnprintf(__s, __n, __f, __v);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/fortify/strings.h:23,
from /usr/include/string.h:59,
from /usr/include/fortify/string.h:23,
from /home/ncopa/aports/main/linux-lts/src/linux-6.6/tools/include/linux/string.h:6,
from exec-cmd.c:3:
/usr/include/fortify/stdio.h: In function 'report.constprop':
/usr/include/fortify/stdio.h:152:1: note: in a call to '__orig_vsnprintf' declared with attribute 'access (read_write, 1, 2)' here
152 | _FORTIFY_FN(vsnprintf) int vsnprintf(char * _FORTIFY_POS0 __s, size_t __n,
| ^~~~~~~~~~~
In file included from exec-cmd.c:10:
subcmd-util.h:12:14: note: 'msg' declared here
12 | char msg[1024];
| ^~~
cc1: all warnings being treated as errors
make[5]: *** [/home/ncopa/aports/main/linux-lts/src/linux-6.6/tools/build/Makefile.build:98: /home/ncopa/aports/main/linux-lts/src/build-virt.x86_64/tools/objtool/libsubcmd/exec-cmd.o] Error 1
make[4]: *** [Makefile:80: /home/ncopa/aports/main/linux-lts/src/build-virt.x86_64/tools/objtool/libsubcmd/libsubcmd-in.o] Error 2
make[3]: *** [Makefile:78: /home/ncopa/aports/main/linux-lts/src/build-virt.x86_64/tools/objtool/libsubcmd/libsubcmd.a] Error 2
make[2]: *** [Makefile:73: objtool] Error 2
make[1]: *** [/home/ncopa/aports/main/linux-lts/src/linux-6.6/Makefile:1362: tools/objtool] Error 2
make: *** [/home/ncopa/aports/main/linux-lts/src/linux-6.6/Makefile:234: __sub-make] Error 2
```
Reported-by: ncopa
|
|
just in case, and because 'PEDANTIC_CHECKS' is a really generic name
|
|
- They're not used anywhere else in fortify-headers
- It's breaking compilation on C++, because compatibility is hard
It was initially reported on https://gitlab.alpinelinux.org/alpine/aports/-/issues/16200
|
|
The only hardening being done here is to set the char** parameter to thos
functions to NULL in case of an error, to prevent it from being used should
people forget to check return values. This is already done on some BSD, as well
as in Rocky Linux.
|
|
|
|
Fixes https://github.com/jvoisin/fortify-headers/issues/34
|
|
This should fix #32
|
|
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110834
Reported-by: ksperling-apple
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Remove a superfluous `#if defined(__has_builtin)` since it's already
accounted for in include/fortify-headers.h
- Replace `_FORTIFY_FD_POS0` with the already existing `_FORTIFY_POS0`
- Factorise some duplicate code into a macro
|
|
|
|
|
|
|
|
- s/CLFAGS/CFLAGS/
- provide paths to local includes
- sprinkle more __pass_object_size__
- remove a problematic test
|
|
|
|
|
|
|
|
|
|
|
|
It seems useless and triggers 'error: expected external declaration'
|
|
|
|
GCC and Clang provide __builtin_dynamic_object_size
(see documentation: https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html),
so we should make use of it when its available.
|
|
A few important notes:
* __extension__ is a GNU C "alternate" keyword, not a C++ keyword.[1]
* __extension__ is designed to work on "expressions"; it does work on
#include_next in C mode, but it has no effect in C++ mode; the
warning will still appear, if enabled, even with __extension__
preceding #include_next. This is because #include_next is not
considered an expression in C++, so the compiler attaches
__extension__ to the first expression of the header.
All of this leads us to a build failure while building at least all
Mozilla software. Moz has an alternate -isystem dir searched before
/usr/include that overrides some headers, including <features.h>. The
first statement in each of these headers is a #pragma, and since
__extension__ is looking for an expression, and #pragma is a "null"
expression, we end up with the following error:
dist/system_wrappers/features.h:1:9: error: '#pragma' is not allowed here
Since __extension__ has no effect on #include_next in C++ mode anyway,
and since it can cause breakage, this commit omits __extension__ in C++
mode.
[1]: https://gcc.gnu.org/onlinedocs/gcc-6.4.0/gcc/Alternate-Keywords.html
|
|
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Requires at least GCC 4.3.
|
|
vsprintf() needs to access __vsnprintf_orig().
|
|
|
|
Overriding functions with macros is legal in C but a lot of software
is not prepared for it. Use the extern inline method to achieve the
same result.
|
|
fortify-headers is considered part of the implementation.
|
|
It is not legal to override standard functions using macros in C++.
We may have to revisit this in the future.
|
|
|
