This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug build/22447] New: unsafe call to strlen with a non-string in getlogin_r.c
- From: "msebor at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 16 Nov 2017 21:25:15 +0000
- Subject: [Bug build/22447] New: unsafe call to strlen with a non-string in getlogin_r.c
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=22447
Bug ID: 22447
Summary: unsafe call to strlen with a non-string in
getlogin_r.c
Product: glibc
Version: 2.25
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: build
Assignee: unassigned at sourceware dot org
Reporter: msebor at gmail dot com
CC: carlos at redhat dot com
Target Milestone: ---
The was mentioned in
https://sourceware.org/ml/libc-alpha/2017-11/msg00556.html:
The new attribute nonstring recently introduced into Glibc triggers warnings
with my patch that enhances GCC to check for string functions being passed
arrays declared with the attribute. At least one of these looks like a Glibc
bug. The
__getlogin_r function in getlogin_r.c calls stlen() on the ut_user array member
of struct utmp. The utmp man page says that:
String fields are terminated by a null byte ('\0')
if they are shorter than the size of the field.
so the attribute on the array seems appropriate and the warning suggests a bug
in the function. The strlen call should probably be replaced with strnlen or
maybe memchr.
../sysdeps/unix/getlogin_r.c:83:23: warning: ‘strlen’ argument 1 declared
attribute ‘nonstring’ [-Wstringop-overflow=]
size_t needed = strlen (ut->ut_user) + 1;
^~~~~~~~~~~~~~~~~~~~
In file included from ../login/utmp.h:29,
from ../include/utmp.h:2,
from ../sysdeps/unix/getlogin_r.c:26,
from ../sysdeps/unix/sysv/linux/getlogin_r.c:25:
../sysdeps/gnu/bits/utmp.h:65:8: note: argument ‘ut_user’ declared here
char ut_user[UT_NAMESIZE]
^~~~~~~
--
You are receiving this mail because:
You are on the CC list for the bug.