Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
linux-user/uname.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/uname.c b/linux-user/uname.c
index 313b79dbad..2fc6096a5b 100644
--- a/linux-user/uname.c
+++ b/linux-user/uname.c
@@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
#define COPY_UTSNAME_FIELD(dest, src) \
do { \
/* __NEW_UTS_LEN doesn't include terminating null */ \
- (void) strncpy((dest), (src), __NEW_UTS_LEN); \
+ (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
(dest)[__NEW_UTS_LEN] = '\0'; \
} while (0)
--
2.21.0
On 01/05/2019 01:28, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
> inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
> linux-user/uname.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/linux-user/uname.c b/linux-user/uname.c
> index 313b79dbad..2fc6096a5b 100644
> --- a/linux-user/uname.c
> +++ b/linux-user/uname.c
> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> #define COPY_UTSNAME_FIELD(dest, src) \
> do { \
> /* __NEW_UTS_LEN doesn't include terminating null */ \
> - (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> + (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
character if it is present and fit in __NEW_UTS_LEN.
> (dest)[__NEW_UTS_LEN] = '\0'; \
> } while (0)
>
>
On Wed, May 01, 2019 at 11:40:13AM +0200, Laurent Vivier wrote:
> On 01/05/2019 01:28, Alistair Francis wrote:
> > Fix this warning when building with GCC9 on Fedora 30:
> > In function ‘strncpy’,
> > inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> > /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> > 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> > linux-user/uname.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/linux-user/uname.c b/linux-user/uname.c
> > index 313b79dbad..2fc6096a5b 100644
> > --- a/linux-user/uname.c
> > +++ b/linux-user/uname.c
> > @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> > #define COPY_UTSNAME_FIELD(dest, src) \
> > do { \
> > /* __NEW_UTS_LEN doesn't include terminating null */ \
> > - (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> > + (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
>
> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> character if it is present and fit in __NEW_UTS_LEN.
IMHO we shouldn't use strlen at all. I proposed fixing it using sizeof()
instead here:
https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02154.html
>
> > (dest)[__NEW_UTS_LEN] = '\0'; \
> > } while (0)
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On 01/05/2019 11:44, Daniel P. Berrangé wrote:
> On Wed, May 01, 2019 at 11:40:13AM +0200, Laurent Vivier wrote:
>> On 01/05/2019 01:28, Alistair Francis wrote:
>>> Fix this warning when building with GCC9 on Fedora 30:
>>> In function ‘strncpy’,
>>> inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
>>> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>>> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
>>> ---
>>> linux-user/uname.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/linux-user/uname.c b/linux-user/uname.c
>>> index 313b79dbad..2fc6096a5b 100644
>>> --- a/linux-user/uname.c
>>> +++ b/linux-user/uname.c
>>> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>>> #define COPY_UTSNAME_FIELD(dest, src) \
>>> do { \
>>> /* __NEW_UTS_LEN doesn't include terminating null */ \
>>> - (void) strncpy((dest), (src), __NEW_UTS_LEN); \
>>> + (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
>>
>> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
>> character if it is present and fit in __NEW_UTS_LEN.
>
> IMHO we shouldn't use strlen at all. I proposed fixing it using sizeof()
> instead here:
>
> https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02154.html
>
Yes, it's better.
Thanks,
Laurent
On 5/1/19 4:40 AM, Laurent Vivier wrote:
> On 01/05/2019 01:28, Alistair Francis wrote:
>> Fix this warning when building with GCC9 on Fedora 30:
>> In function ‘strncpy’,
>> inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
>> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
>> ---
>> linux-user/uname.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/linux-user/uname.c b/linux-user/uname.c
>> index 313b79dbad..2fc6096a5b 100644
>> --- a/linux-user/uname.c
>> +++ b/linux-user/uname.c
>> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>> #define COPY_UTSNAME_FIELD(dest, src) \
>> do { \
>> /* __NEW_UTS_LEN doesn't include terminating null */ \
>> - (void) strncpy((dest), (src), __NEW_UTS_LEN); \
>> + (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
>
> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> character if it is present and fit in __NEW_UTS_LEN.
No, the NUL character is already present, due to the memset() prior to
any use of COPY_UTSNAME_FIELD(). However, the commit message should
call that out, as it is not part of the default 3-line diff.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
On Wed, May 1, 2019 at 5:00 AM Eric Blake <eblake@redhat.com> wrote:
>
> On 5/1/19 4:40 AM, Laurent Vivier wrote:
> > On 01/05/2019 01:28, Alistair Francis wrote:
> >> Fix this warning when building with GCC9 on Fedora 30:
> >> In function ‘strncpy’,
> >> inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> >> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> >> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >>
> >> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
I'm dropping this patch in favour of the other one.
Alistair
> >> ---
> >> linux-user/uname.c | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/linux-user/uname.c b/linux-user/uname.c
> >> index 313b79dbad..2fc6096a5b 100644
> >> --- a/linux-user/uname.c
> >> +++ b/linux-user/uname.c
> >> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> >> #define COPY_UTSNAME_FIELD(dest, src) \
> >> do { \
> >> /* __NEW_UTS_LEN doesn't include terminating null */ \
> >> - (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> >> + (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
> >
> > You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> > character if it is present and fit in __NEW_UTS_LEN.
>
> No, the NUL character is already present, due to the memset() prior to
> any use of COPY_UTSNAME_FIELD(). However, the commit message should
> call that out, as it is not part of the default 3-line diff.
>
> --
> Eric Blake, Principal Software Engineer
> Red Hat, Inc. +1-919-301-3226
> Virtualization: qemu.org | libvirt.org
>
© 2016 - 2025 Red Hat, Inc.