[ipxe-devel] [PATCH] [efi] use correct bound in strncpy to ensure NUL-termination

Bruce Rogers brogers at suse.com
Mon Apr 23 20:01:59 UTC 2018


>>> On 4/23/2018 at 11:53 AM, Michael Brown <mcb30 at ipxe.org> wrote:
> On 23/04/18 16:42, Bruce Rogers wrote:
>> Using gcc8 with the [-Werror=stringop-truncation] option, the following
>> error is emitted:
>> 
>> util/elf2efi.c:494:2: error: 'strncpy' specified bound 8 equals destination
>> size [-Werror=stringop-truncation]
>>    strncpy ( ( char * ) new->hdr.Name, name, sizeof ( new->hdr.Name ) );
>>    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> 
>> Specify one less than sizeof the target buffer to avoid this diagnostic.
>> Since the target buffer is pre-zeroed, the string will be NUL-terminated.
> 
> This is a fixed-length string field that is not supposed to be 
> NUL-terminated.  The use of strncpy() here is deliberate in order to be 
> able to completely fill the field.
> 
> Is there a (clean) way to indicate to gcc to ignore this false positive 
> warning?

I don't know if there is a way to do that.

It looks like this is not the only instance of this type of usage of strncpy()
(I should have checked). This new check in gcc8 also covers strncat() and
stpncpy(). I find one instance of strncat(), but it's usage looks fine. No usage
of stpncpy().  Perhaps we need an audit of all these strncpy()'s to properly
avoid this issue as gcc8 is coming soon.

Bruce





More information about the ipxe-devel mailing list