Petr Lautrbach <plautrba@xxxxxxxxxx> writes: > Nicolas Iooss <nicolas.iooss@xxxxxxx> writes: > >> When building libselinux on Fedora 33 with gcc 10.3.1, the compiler >> reports: >> >> label_file.c: In function ‘lookup_all.isra’: >> label_file.c:940:4: error: ‘strncpy’ specified bound depends on the >> length of the source argument [-Werror=stringop-overflow=] >> 940 | strncpy(clean_key, key, len - 1); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> label_file.c:927:8: note: length computed here >> 927 | len = strlen(key); >> | ^~~~~~~~~~~ >> cc1: all warnings being treated as errors >> >> As clean_key is the result of malloc(len), there is no issue here. But >> using strncpy can be considered as strange, because the size of the >> string is already known and the NUL terminator is always added later, in >> function ‘lookup_all.isra. >> >> Replace strncpy with memcpy to silence this gcc false-positive warning. >> >> Signed-off-by: Nicolas Iooss <nicolas.iooss@xxxxxxx> > > I wasn't able to reproduce it with gcc-11.0.1-0.7.fc35.x86_64, but it's > indeed reproducible with gcc-10.3.1-1.fc33.x86_64 and this patch fixes > it. > > Acked-by: Petr Lautrbach <plautrba@xxxxxxxxxx> > Merged >> --- >> libselinux/src/label_file.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c >> index 726394ca4332..cfce23e0119e 100644 >> --- a/libselinux/src/label_file.c >> +++ b/libselinux/src/label_file.c >> @@ -909,7 +909,7 @@ static const struct spec **lookup_all(struct selabel_handle *rec, >> if (!clean_key) >> goto finish; >> >> - strncpy(clean_key, key, len - 1); >> + memcpy(clean_key, key, len - 1); >> } >> >> clean_key[len - 1] = '\0'; >> -- >> 2.31.0
