diff options
author | Martin Sebor <msebor@redhat.com> | 2017-11-15 17:39:59 -0700 |
---|---|---|
committer | Martin Sebor <msebor@redhat.com> | 2017-11-15 17:39:59 -0700 |
commit | 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c (patch) | |
tree | c6c0117b6959160bc128ee661b3ed08420177c5e | |
parent | d9611e308592355718b36fe085b7b61aa52911e5 (diff) | |
download | glibc-7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c.zip glibc-7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c.tar.gz glibc-7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c.tar.bz2 |
The -Wstringop-truncation option new in GCC 8 detects common misuses
of the strncat and strncpy function that may result in truncating
the copied string before the terminating NUL. To avoid false positive
warnings for correct code that intentionally creates sequences of
characters that aren't guaranteed to be NUL-terminated, arrays that
are intended to store such sequences should be decorated with a new
nonstring attribute. This change add this attribute to Glibc and
uses it to suppress such false positives.
ChangeLog:
* misc/sys/cdefs.h (__attribute_nonstring__): New macro.
* sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
* sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | misc/sys/cdefs.h | 9 | ||||
-rw-r--r-- | sysdeps/gnu/bits/utmp.h | 9 | ||||
-rw-r--r-- | sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 |
4 files changed, 27 insertions, 6 deletions
@@ -1,3 +1,9 @@ +2017-11-15 Martin Sebor <msebor@redhat.com> + + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + 2017-11-15 Luke Shumaker <lukeshu@parabola.nu> [BZ #22145] diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index cfd39d5..a603cb9 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -407,6 +407,15 @@ # endif #endif +#if __GNUC_PREREQ (8, 0) +/* Describes a char array whose address can safely be passed as the first + argument to strncpy and strncat, as the char array is not necessarily + a NUL-terminated string. */ +# define __attribute_nonstring__ __attribute__ ((__nonstring__)) +#else +# define __attribute_nonstring__ +#endif + #if (!defined _Static_assert && !defined __cplusplus \ && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \ && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__)) diff --git a/sysdeps/gnu/bits/utmp.h b/sysdeps/gnu/bits/utmp.h index 2ee11cb..71c9fa2 100644 --- a/sysdeps/gnu/bits/utmp.h +++ b/sysdeps/gnu/bits/utmp.h @@ -59,10 +59,13 @@ struct utmp { short int ut_type; /* Type of login. */ pid_t ut_pid; /* Process ID of login process. */ - char ut_line[UT_LINESIZE]; /* Devicename. */ + char ut_line[UT_LINESIZE] + __attribute_nonstring__; /* Devicename. */ char ut_id[4]; /* Inittab ID. */ - char ut_user[UT_NAMESIZE]; /* Username. */ - char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ + char ut_user[UT_NAMESIZE] + __attribute_nonstring__; /* Username. */ + char ut_host[UT_HOSTSIZE] + __attribute_nonstring__; /* Hostname for remote login. */ struct exit_status ut_exit; /* Exit status of a process marked as DEAD_PROCESS. */ /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/sysdeps/unix/sysv/linux/s390/bits/utmp.h b/sysdeps/unix/sysv/linux/s390/bits/utmp.h index 36114c3..f754f37 100644 --- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h +++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h @@ -59,10 +59,13 @@ struct utmp { short int ut_type; /* Type of login. */ pid_t ut_pid; /* Process ID of login process. */ - char ut_line[UT_LINESIZE]; /* Devicename. */ + char ut_line[UT_LINESIZE] + __attribute_nonstring__; /* Devicename. */ char ut_id[4]; /* Inittab ID. */ - char ut_user[UT_NAMESIZE]; /* Username. */ - char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ + char ut_user[UT_NAMESIZE] + __attribute_nonstring__; /* Username. */ + char ut_host[UT_HOSTSIZE] + __attribute_nonstring__; /* Hostname for remote login. */ struct exit_status ut_exit; /* Exit status of a process marked as DEAD_PROCESS. */ /* The ut_session and ut_tv fields must be the same size when compiled |