diff options
Diffstat (limited to 'meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch')
-rw-r--r-- | meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch b/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch new file mode 100644 index 0000000000..7ad7cdf0ce --- /dev/null +++ b/meta/recipes-core/ovmf/ovmf/0004-BaseTools-GenVtf-silence-false-stringop-overflow-war.patch | |||
@@ -0,0 +1,66 @@ | |||
1 | From dfb42a5bff78d9239a80731e337855234badef3e Mon Sep 17 00:00:00 2001 | ||
2 | From: Laszlo Ersek <lersek@redhat.com> | ||
3 | Date: Fri, 2 Mar 2018 17:11:52 +0100 | ||
4 | Subject: [PATCH 4/4] BaseTools/GenVtf: silence false "stringop-overflow" | ||
5 | warning with memcpy() | ||
6 | |||
7 | gcc-8 (which is part of Fedora 28) enables the new warning | ||
8 | "-Wstringop-overflow" in "-Wall". This warning is documented in detail at | ||
9 | <https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html>; the | ||
10 | introduction says | ||
11 | |||
12 | > Warn for calls to string manipulation functions such as memcpy and | ||
13 | > strcpy that are determined to overflow the destination buffer. | ||
14 | |||
15 | It breaks the BaseTools build with: | ||
16 | |||
17 | > GenVtf.c: In function 'ConvertVersionInfo': | ||
18 | > GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length | ||
19 | > of the source argument [-Werror=stringop-overflow=] | ||
20 | > strncpy (TemStr + 4 - Length, Str, Length); | ||
21 | > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
22 | > GenVtf.c:130:14: note: length computed here | ||
23 | > Length = strlen(Str); | ||
24 | > ^~~~~~~~~~~ | ||
25 | |||
26 | It is a false positive because, while the bound equals the length of the | ||
27 | source argument, the destination pointer is moved back towards the | ||
28 | beginning of the destination buffer by the same amount (and this amount is | ||
29 | range-checked first, so we can't precede the start of the dest buffer). | ||
30 | |||
31 | Replace both strncpy() calls with memcpy(). | ||
32 | |||
33 | Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> | ||
34 | Cc: Cole Robinson <crobinso@redhat.com> | ||
35 | Cc: Liming Gao <liming.gao@intel.com> | ||
36 | Cc: Paolo Bonzini <pbonzini@redhat.com> | ||
37 | Cc: Yonghong Zhu <yonghong.zhu@intel.com> | ||
38 | Reported-by: Cole Robinson <crobinso@redhat.com> | ||
39 | Contributed-under: TianoCore Contribution Agreement 1.1 | ||
40 | Signed-off-by: Laszlo Ersek <lersek@redhat.com> | ||
41 | Reviewed-by: Liming Gao <liming.gao@intel.com> | ||
42 | --- | ||
43 | Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
44 | Upstream-Status: Backport | ||
45 | BaseTools/Source/C/GenVtf/GenVtf.c | 4 ++-- | ||
46 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
47 | |||
48 | diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c | ||
49 | index 2ae9a7be2c..0cd33e71e9 100644 | ||
50 | --- a/BaseTools/Source/C/GenVtf/GenVtf.c | ||
51 | +++ b/BaseTools/Source/C/GenVtf/GenVtf.c | ||
52 | @@ -129,9 +129,9 @@ Returns: | ||
53 | } else { | ||
54 | Length = strlen(Str); | ||
55 | if (Length < 4) { | ||
56 | - strncpy (TemStr + 4 - Length, Str, Length); | ||
57 | + memcpy (TemStr + 4 - Length, Str, Length); | ||
58 | } else { | ||
59 | - strncpy (TemStr, Str + Length - 4, 4); | ||
60 | + memcpy (TemStr, Str + Length - 4, 4); | ||
61 | } | ||
62 | |||
63 | sscanf ( | ||
64 | -- | ||
65 | 2.17.0 | ||
66 | |||