[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: nstrftime.c fails to build due to memset overflow
From: |
Bruno Haible |
Subject: |
Re: nstrftime.c fails to build due to memset overflow |
Date: |
Tue, 14 Mar 2023 17:41:57 +0100 |
Hi,
Marcus Müller wrote:
> However, building coreutils fails in gnulib
The build only fails because coreutils' configure.ac turns warnings into
errors by default in some situation. Use the configure option
--disable-gcc-warnings
or
--enable-gcc-warnings=no
to allow warnings.
> and that does seem to be a significant bug:
>
> make -j8 fails with
>
> lib/nstrftime.c: In function '__strftime_internal':
> lib/nstrftime.c:147:31: error: 'memset' specified size 18446744073709551615
> exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
> 147 | # define memset_zero(P, Len) (memset (P, '0', Len), (P) += (Len))
> | ^~~~~~~~~~~~~~~~~~~~
> lib/nstrftime.c:174:17: note: in expansion of macro 'memset_zero'
> 174 | memset_zero (p, _delta);
> \
> | ^~~~~~~~~~~
> lib/nstrftime.c:188:31: note: in expansion of macro 'width_add'
> 188 | # define width_add1(width, c) width_add (width, 1, *p = c)
> | ^~~~~~~~~
> lib/nstrftime.c:1047:17: note: in expansion of macro 'width_add1'
> 1047 | width_add1 (0, sign_char);
> | ^~~~~~~~~~
>
>
> Now, 18446744073709551615 + 1 happens to be 2⁶⁴; so we're actually tryingh to
> `memset(P, '0', -1)` here.
>
> I'm actually having a hard time debugging this, as, to be completely honest,
> I'm not sure how `_delta` ends up being -1:
> if (_n < _w) {
> size_t _delta = _w - _n;
You are on the right way to understanding this. Namely, _n and _w being of
type size_t (thus, unsigned 64-bit), the only way _w - _n can be = 2^64 - 1
with _n < _w is when _n is 0 and _w is 2^64 - 1. But _n has the value of the
second argument to width_add, and that argument is 1 in line 188.
So, this is not a significant bug. It's merely a false positive flagged by
your compiler.
There are *many* -Wstringop-overflow bugs in recent GCC versions, see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88443
Some of them even have the exact same warning message, see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86345
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89337
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100477
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106409
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108377
Bruno
- nstrftime.c fails to build due to memset overflow, Marcus Müller, 2023/03/14
- Re: nstrftime.c fails to build due to memset overflow,
Bruno Haible <=
- Re: nstrftime.c fails to build due to memset overflow, Pádraig Brady, 2023/03/14
- Re: nstrftime.c fails to build due to memset overflow, Bruno Haible, 2023/03/14
- Re: nstrftime.c fails to build due to memset overflow, Marcus Müller, 2023/03/14
- Re: nstrftime.c fails to build due to memset overflow, Paul Eggert, 2023/03/14
- Re: nstrftime.c fails to build due to memset overflow, Marcus Müller, 2023/03/15
- Re: nstrftime.c fails to build due to memset overflow, Paul Eggert, 2023/03/15
- Re: nstrftime.c fails to build due to memset overflow, Marcus Müller, 2023/03/15
- Re: nstrftime.c fails to build due to memset overflow, Paul Eggert, 2023/03/15
- Re: nstrftime.c fails to build due to memset overflow, Marcus Müller, 2023/03/16