1 files changed, 66 insertions, 0 deletions
diff --git a/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch b/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch
new file mode 100644
index 0000000000..7ad7cdf0ce
--- /dev/null
+++ b/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch
@@ -0,0 +1,66 @@
+From dfb42a5bff78d9239a80731e337855234badef3e Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Fri, 2 Mar 2018 17:11:52 +0100
+Subject: [PATCH 4/4] BaseTools/GenVtf: silence false "stringop-overflow"
+ warning with memcpy()
+gcc-8 (which is part of Fedora 28) enables the new warning
+"-Wstringop-overflow" in "-Wall". This warning is documented in detail at
+<https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html>; the
+introduction says
+> Warn for calls to string manipulation functions such as memcpy and
+> strcpy that are determined to overflow the destination buffer.
+It breaks the BaseTools build with:
+> GenVtf.c: In function 'ConvertVersionInfo':
+> GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length
+> of the source argument [-Werror=stringop-overflow=]
+>        strncpy (TemStr + 4 - Length, Str, Length);
+>        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+> GenVtf.c:130:14: note: length computed here
+>      Length = strlen(Str);
+>               ^~~~~~~~~~~
+It is a false positive because, while the bound equals the length of the
+source argument, the destination pointer is moved back towards the
+beginning of the destination buffer by the same amount (and this amount is
+range-checked first, so we can't precede the start of the dest buffer).
+Replace both strncpy() calls with memcpy().
+Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Cc: Cole Robinson <crobinso@redhat.com>
+Cc: Liming Gao <liming.gao@intel.com>
+Cc: Paolo Bonzini <pbonzini@redhat.com>
+Cc: Yonghong Zhu <yonghong.zhu@intel.com>
+Reported-by: Cole Robinson <crobinso@redhat.com>
+Contributed-under: TianoCore Contribution Agreement 1.1
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Reviewed-by: Liming Gao <liming.gao@intel.com>
+---
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Backport
+ BaseTools/Source/C/GenVtf/GenVtf.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c
+index 2ae9a7be2c..0cd33e71e9 100644
+--- a/BaseTools/Source/C/GenVtf/GenVtf.c
+++ b/BaseTools/Source/C/GenVtf/GenVtf.c
+@@ -129,9 +129,9 @@ Returns:
+   } else {
+     Length = strlen(Str);
+     if (Length < 4) {
+-      strncpy (TemStr + 4 - Length, Str, Length);
+      memcpy (TemStr + 4 - Length, Str, Length);
+     } else {
+-      strncpy (TemStr, Str + Length - 4, 4);
+      memcpy (TemStr, Str + Length - 4, 4);
+     }
+   
+     sscanf (
+-- 
+2.17.0

diff --git a/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch b/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch new file mode 100644 index 0000000000..7ad7cdf0ce --- /dev/null +++ b/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch
@@ -0,0 +1,66 @@
	1	From dfb42a5bff78d9239a80731e337855234badef3e Mon Sep 17 00:00:00 2001
	2	From: Laszlo Ersek <lersek@redhat.com>
	3	Date: Fri, 2 Mar 2018 17:11:52 +0100
	4	Subject: [PATCH 4/4] BaseTools/GenVtf: silence false "stringop-overflow"
	5	warning with memcpy()
	6
	7	gcc-8 (which is part of Fedora 28) enables the new warning
	8	"-Wstringop-overflow" in "-Wall". This warning is documented in detail at
	9	<https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html>; the
	10	introduction says
	11
	12	> Warn for calls to string manipulation functions such as memcpy and
	13	> strcpy that are determined to overflow the destination buffer.
	14
	15	It breaks the BaseTools build with:
	16
	17	> GenVtf.c: In function 'ConvertVersionInfo':
	18	> GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length
	19	> of the source argument [-Werror=stringop-overflow=]
	20	> strncpy (TemStr + 4 - Length, Str, Length);
	21	> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	22	> GenVtf.c:130:14: note: length computed here
	23	> Length = strlen(Str);
	24	> ^~~~~~~~~~~
	25
	26	It is a false positive because, while the bound equals the length of the
	27	source argument, the destination pointer is moved back towards the
	28	beginning of the destination buffer by the same amount (and this amount is
	29	range-checked first, so we can't precede the start of the dest buffer).
	30
	31	Replace both strncpy() calls with memcpy().
	32
	33	Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
	34	Cc: Cole Robinson <crobinso@redhat.com>
	35	Cc: Liming Gao <liming.gao@intel.com>
	36	Cc: Paolo Bonzini <pbonzini@redhat.com>
	37	Cc: Yonghong Zhu <yonghong.zhu@intel.com>
	38	Reported-by: Cole Robinson <crobinso@redhat.com>
	39	Contributed-under: TianoCore Contribution Agreement 1.1
	40	Signed-off-by: Laszlo Ersek <lersek@redhat.com>
	41	Reviewed-by: Liming Gao <liming.gao@intel.com>
	42	---
	43	Signed-off-by: Khem Raj <raj.khem@gmail.com>
	44	Upstream-Status: Backport
	45	BaseTools/Source/C/GenVtf/GenVtf.c \| 4 ++--
	46	1 file changed, 2 insertions(+), 2 deletions(-)
	47
	48	diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c
	49	index 2ae9a7be2c..0cd33e71e9 100644
	50	--- a/BaseTools/Source/C/GenVtf/GenVtf.c
	51	+++ b/BaseTools/Source/C/GenVtf/GenVtf.c
	52	@@ -129,9 +129,9 @@ Returns:
	53	} else {
	54	Length = strlen(Str);
	55	if (Length < 4) {
	56	- strncpy (TemStr + 4 - Length, Str, Length);
	57	+ memcpy (TemStr + 4 - Length, Str, Length);
	58	} else {
	59	- strncpy (TemStr, Str + Length - 4, 4);
	60	+ memcpy (TemStr, Str + Length - 4, 4);
	61	}
	62
	63	sscanf (
	64	--
	65	2.17.0
	66