[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
nstrftime.c fails to build due to memset overflow
From: |
Marcus Müller |
Subject: |
nstrftime.c fails to build due to memset overflow |
Date: |
Tue, 14 Mar 2023 14:55:43 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 |
Dear Gnulib community,
On Linux, x86_64, Fedora 37, ran, on today's coreutils' HEAD (e68b15), which
submodule-includes gnulib f17d3977:
CFLAGS=-Wno-deprecated-declarations ./configure
(as that CFLAGS is necessary, otherwise sha will fail to build due to using
deprecated functionality; no big issue).
However, building coreutils fails in gnulib and that does seem to be a
significant bug:
make -j8 fails with
lib/nstrftime.c: In function '__strftime_internal':
lib/nstrftime.c:147:31: error: 'memset' specified size 18446744073709551615
exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
147 | # define memset_zero(P, Len) (memset (P, '0', Len), (P) += (Len))
| ^~~~~~~~~~~~~~~~~~~~
lib/nstrftime.c:174:17: note: in expansion of macro 'memset_zero'
174 | memset_zero (p, _delta);
\
| ^~~~~~~~~~~
lib/nstrftime.c:188:31: note: in expansion of macro 'width_add'
188 | # define width_add1(width, c) width_add (width, 1, *p = c)
| ^~~~~~~~~
lib/nstrftime.c:1047:17: note: in expansion of macro 'width_add1'
1047 | width_add1 (0, sign_char);
| ^~~~~~~~~~
Now, 18446744073709551615 + 1 happens to be 2⁶⁴; so we're actually tryingh to
`memset(P, '0', -1)` here.
I'm actually having a hard time debugging this, as, to be completely honest,
I'm not sure how `_delta` ends up being -1:
if (_n < _w) {
size_t _delta = _w - _n;
…
But it does!
But then again, I'm also not sure why this macro from 1996 has a parameter `f`
that it just – ignores. I'm at a point at which I'm not sure who or what to
blame ;)
I'll venture the guess that there's a combination of unexpected (un)signedness and side effects
from things that should have been passed as arguments to a function instead of being
"silently" "captured" by this macro.
Best regards,
Marcus
- nstrftime.c fails to build due to memset overflow,
Marcus Müller <=