On Fri, May 31, 2019 at 8:23 AM Richard Haines
<richard_c_haines@xxxxxxxxxxxxxx> wrote:
>
> When building with gcc9, get build errors such as:
>
> genbools.c:24:2: error: ‘strncpy’ output may be truncated copying 8191
> bytes from a string of length 8191 [-Werror=stringop-truncation]
> 24 | strncpy(dest, ptr, size);
> | ^~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
> ---
> libselinux/src/booleans.c | 4 ++--
> libsepol/src/genbools.c | 20 +++++++++++---------
> 2 files changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
> index ab1e0754..cdc03517 100644
> --- a/libselinux/src/booleans.c
> +++ b/libselinux/src/booleans.c
> @@ -539,7 +539,7 @@ int security_load_booleans(char *path)
>
> __fsetlocking(boolf, FSETLOCKING_BYCALLER);
> while (getline(&inbuf, &len, boolf) > 0) {
> - int ret = process_boolean(inbuf, name, sizeof(name), &val);
> + int ret = process_boolean(inbuf, name, len, &val);
> if (ret == -1)
> errors++;
> if (ret == 1)
> @@ -557,7 +557,7 @@ int security_load_booleans(char *path)
> int ret;
> __fsetlocking(boolf, FSETLOCKING_BYCALLER);
> while (getline(&inbuf, &len, boolf) > 0) {
> - ret = process_boolean(inbuf, name, sizeof(name), &val);
> + ret = process_boolean(inbuf, name, len, &val);
> if (ret == -1)
> errors++;
> if (ret == 1)
> diff --git a/libsepol/src/genbools.c b/libsepol/src/genbools.c
> index d4a2df62..ad194ca6 100644
> --- a/libsepol/src/genbools.c
> +++ b/libsepol/src/genbools.c
> @@ -10,6 +10,8 @@
> #include "private.h"
> #include "dso.h"
>
> +#define FGET_BUFSIZ 255
> +
> /* -- Deprecated -- */
>
> static char *strtrim(char *dest, char *source, int size)
> @@ -32,7 +34,7 @@ static char *strtrim(char *dest, char *source, int size)
>
> static int process_boolean(char *buffer, char *name, int namesize, int *val)
> {
> - char name1[BUFSIZ];
> + char name1[FGET_BUFSIZ];
> char *ptr = NULL;
> char *tok;
>
> @@ -48,7 +50,7 @@ static int process_boolean(char *buffer, char *name, int namesize, int *val)
> ERR(NULL, "illegal boolean definition %s", buffer);
> return -1;
> }
> - strncpy(name1, tok, BUFSIZ - 1);
> + strncpy(name1, tok, FGET_BUFSIZ - 1);
> strtrim(name, name1, namesize - 1);
>
> tok = strtok_r(NULL, "\0", &ptr);
> @@ -79,8 +81,8 @@ static int load_booleans(struct policydb *policydb, const char *path,
> {
> FILE *boolf;
> char *buffer = NULL;
> - char localbools[BUFSIZ];
> - char name[BUFSIZ];
> + char localbools[FGET_BUFSIZ];
> + char name[FGET_BUFSIZ + 1];
> int val;
> int errors = 0, changes = 0;
> struct cond_bool_datum *datum;
> @@ -90,12 +92,12 @@ static int load_booleans(struct policydb *policydb, const char *path,
> goto localbool;
>
> #ifdef __APPLE__
> - if ((buffer = (char *)malloc(255 * sizeof(char))) == NULL) {
> - ERR(NULL, "out of memory");
> - return -1;
> + if ((buffer = (char *)malloc(FGET_BUFSIZ * sizeof(char))) == NULL) {
> + ERR(NULL, "out of memory");
> + return -1;
> }
>
> - while(fgets(buffer, 255, boolf) != NULL) {
> + while (fgets(buffer, FGET_BUFSIZ, boolf) != NULL) {
> #else
> size_t size = 0;
> while (getline(&buffer, &size, boolf) > 0) {
> @@ -124,7 +126,7 @@ static int load_booleans(struct policydb *policydb, const char *path,
>
> #ifdef __APPLE__
>
> - while(fgets(buffer, 255, boolf) != NULL) {
> + while (fgets(buffer, FGET_BUFSIZ, boolf) != NULL) {
> #else
>
> while (getline(&buffer, &size, boolf) > 0) {
> --
> 2.21.0
>
This seems fine to me, ack. Still running the test suite, but I don't
see why anything would break.
