Skip to content

Fix problems detected by fortified builds#232

Merged
bbonev merged 10 commits intoeudev-project:masterfrom
bbonev:buffers
Jun 9, 2022
Merged

Fix problems detected by fortified builds#232
bbonev merged 10 commits intoeudev-project:masterfrom
bbonev:buffers

Conversation

@bbonev
Copy link
Member

@bbonev bbonev commented Jun 8, 2022
edited
Loading

  • do not overwrite memory (-pre versions trigger this)
  • do not use truncated strings
  • kill the warnings for unused result

tested on gcc 11.3 with:

CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" \
CFLAGS="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security" \
LDFLAGS="-Wl,-z,relro -Wl,-z,now" \
./configure && \
make -j

bbonev added 4 commits June 8, 2022 08:13
@bbonev
Avoid buffer overrun with long version strings
9f99dba 
This condition may happen with version as 3.2.12-pre1 which would generate
udev-3.2.12-pre1 with length of 17 including the terminating 0, while
struct udev_ctrl.version is only 16 bytes
@bbonev
Refuse to generate truncated USB modalias
ed95424 
In case of invalid input the resulting modalias would exceed the buffer and be
truncated. Add checks to avoid generating truncated modalias.
@bbonev
Kill warnings for unused result
aaa76e5 
ftruncate and lockf are declared with attribute ‘warn_unused_result’.
Kill the warning and add a TODO comment.
@bbonev
Increase the path buffer and fail on truncation
1833f76 
Add a check to avoid creating files with path that may be truncated
@bbonev bbonev requested review from ArsenArsen and kaniini June 8, 2022 05:34
@bbonev bbonev changed the title Fix warnings detected by fortified builds Fix problems detected by fortified builds Jun 8, 2022
ArsenArsen
ArsenArsen approved these changes Jun 9, 2022
View reviewed changes
ArsenArsen
ArsenArsen requested changes Jun 9, 2022
View reviewed changes
Copy link
Collaborator

@ArsenArsen ArsenArsen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above, I selected the wrong option by mistake.

bbonev added 6 commits June 9, 2022 19:03
@bbonev
Fix code style
74b5af5 
Suggested-by: Arsen Arsenović <arsen@aarsen.me>
@bbonev
Mark as safe to ignore
07afd28 
Suggested-by: Arsen Arsenović <arsen@aarsen.me>
@bbonev
Do not try to lock a negative fd
9bffb8a
@bbonev
Change prepare to never return an unlocked fd
fe9bac1 
- fix coding style while at it
- add checks and fail in case lockf failed

Suggested-by: Arsen Arsenović <arsen@aarsen.me>
@bbonev
Add error checking
20f79fa 
lseek and ftruncate may fail; do not continue the processing if that happens

Suggested-by: Arsen Arsenović <arsen@aarsen.me>
@bbonev
Use snprintf (for posterity)
54d0df1 
Also fix code style of sizeof()

Suggested-by: Arsen Arsenović <arsen@aarsen.me>
ArsenArsen
ArsenArsen approved these changes Jun 9, 2022
View reviewed changes
Copy link
Collaborator

@ArsenArsen ArsenArsen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks alright

@bbonev bbonev merged commit 3211655 into eudev-project:master Jun 9, 2022
@bbonev bbonev deleted the buffers branch June 11, 2022 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ArsenArsen ArsenArsen ArsenArsen approved these changes

@kaniini kaniini Awaiting requested review from kaniini

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bbonev @ArsenArsen