aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Sebor <msebor@redhat.com>2017-11-15 17:39:59 -0700
committerMartin Sebor <msebor@redhat.com>2017-11-15 17:39:59 -0700
commit7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c (patch)
treec6c0117b6959160bc128ee661b3ed08420177c5e
parentd9611e308592355718b36fe085b7b61aa52911e5 (diff)
downloadglibc-7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c.zip
glibc-7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c.tar.gz
glibc-7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c.tar.bz2
The -Wstringop-truncation option new in GCC 8 detects common misuses
of the strncat and strncpy function that may result in truncating the copied string before the terminating NUL. To avoid false positive warnings for correct code that intentionally creates sequences of characters that aren't guaranteed to be NUL-terminated, arrays that are intended to store such sequences should be decorated with a new nonstring attribute. This change add this attribute to Glibc and uses it to suppress such false positives. ChangeLog: * misc/sys/cdefs.h (__attribute_nonstring__): New macro. * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
-rw-r--r--ChangeLog6
-rw-r--r--misc/sys/cdefs.h9
-rw-r--r--sysdeps/gnu/bits/utmp.h9
-rw-r--r--sysdeps/unix/sysv/linux/s390/bits/utmp.h9
4 files changed, 27 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 167ff20..d7d81ac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2017-11-15 Martin Sebor <msebor@redhat.com>
+
+ * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+ * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+ * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
2017-11-15 Luke Shumaker <lukeshu@parabola.nu>
[BZ #22145]
diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
index cfd39d5..a603cb9 100644
--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
@@ -407,6 +407,15 @@
# endif
#endif
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+ argument to strncpy and strncat, as the char array is not necessarily
+ a NUL-terminated string. */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
#if (!defined _Static_assert && !defined __cplusplus \
&& (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \
&& (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__))
diff --git a/sysdeps/gnu/bits/utmp.h b/sysdeps/gnu/bits/utmp.h
index 2ee11cb..71c9fa2 100644
--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
@@ -59,10 +59,13 @@ struct utmp
{
short int ut_type; /* Type of login. */
pid_t ut_pid; /* Process ID of login process. */
- char ut_line[UT_LINESIZE]; /* Devicename. */
+ char ut_line[UT_LINESIZE]
+ __attribute_nonstring__; /* Devicename. */
char ut_id[4]; /* Inittab ID. */
- char ut_user[UT_NAMESIZE]; /* Username. */
- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */
+ char ut_user[UT_NAMESIZE]
+ __attribute_nonstring__; /* Username. */
+ char ut_host[UT_HOSTSIZE]
+ __attribute_nonstring__; /* Hostname for remote login. */
struct exit_status ut_exit; /* Exit status of a process marked
as DEAD_PROCESS. */
/* The ut_session and ut_tv fields must be the same size when compiled
diff --git a/sysdeps/unix/sysv/linux/s390/bits/utmp.h b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
index 36114c3..f754f37 100644
--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
@@ -59,10 +59,13 @@ struct utmp
{
short int ut_type; /* Type of login. */
pid_t ut_pid; /* Process ID of login process. */
- char ut_line[UT_LINESIZE]; /* Devicename. */
+ char ut_line[UT_LINESIZE]
+ __attribute_nonstring__; /* Devicename. */
char ut_id[4]; /* Inittab ID. */
- char ut_user[UT_NAMESIZE]; /* Username. */
- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */
+ char ut_user[UT_NAMESIZE]
+ __attribute_nonstring__; /* Username. */
+ char ut_host[UT_HOSTSIZE]
+ __attribute_nonstring__; /* Hostname for remote login. */
struct exit_status ut_exit; /* Exit status of a process marked
as DEAD_PROCESS. */
/* The ut_session and ut_tv fields must be the same size when compiled