diff options
| author | Thomas Haller <thaller@redhat.com> | 2019-07-15 21:23:50 +0200 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2019-07-16 10:48:38 +0200 |
| commit | d5ad315f118b04b89d1e7385c74f7265ae26423a (patch) | |
| tree | f18a612f1f891707e0d3ccf00ca44c2dd9e63535 /shared | |
| parent | adb51c2a7f05fd15b5a0c51c01a6a725201c8c4a (diff) | |
| download | NetworkManager-d5ad315f118b04b89d1e7385c74f7265ae26423a.tar.gz | |
shared: suppress -Werror=stringop-overflow= warning in nm_strndup_a()
nm_strndup_a() uses strncpy() because we want the behavior of clearing out
the memory after the first NUL byte. But that can cause a compiler warning:
CC src/settings/plugins/keyfile/libNetworkManager_la-nms-keyfile-utils.lo
In file included from ../../shared/nm-default.h:279,
from ../../src/settings/plugins/keyfile/nms-keyfile-utils.c:20:
In function ‘_nm_strndup_a_step’,
inlined from ‘nms_keyfile_loaded_uuid_is_filename’ at ../../src/settings/plugins/keyfile/nms-keyfile-utils.c:65:9:
../../shared/nm-glib-aux/nm-macros-internal.h:1661:3: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
1661 | strncpy (s, str, len);
| ^~~~~~~~~~~~~~~~~~~~~
../../src/settings/plugins/keyfile/nms-keyfile-utils.c: In function ‘nms_keyfile_loaded_uuid_is_filename’:
../../src/settings/plugins/keyfile/nms-keyfile-utils.c:48:8: note: length computed here
48 | len = strlen (filename);
| ^~~~~~~~~~~~~~~~~
It's true that the len argument of _nm_strndup_a_step() depends on the
string length of the source string. But in this case it's safe, because
we checked that the destination buffer is exactly the right size too.
By that reasoning we should use memcpy() or strcpy(), but both are
unsuitable. That is because we want nm_strndup_a() to behave like
strndup(), which means we need to handle cases where the len argument
is larger than the string length of the source string. That is, we want
always to return a buffer of size len+1, but we want to copy only the
characters up to the first NUL byte, and clear out the rest. That's what
strncpy() does for us.
Silence the warning.
Diffstat (limited to 'shared')
| -rw-r--r-- | shared/nm-glib-aux/nm-macros-internal.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/shared/nm-glib-aux/nm-macros-internal.h b/shared/nm-glib-aux/nm-macros-internal.h index e76a3c251b..9062fe8d98 100644 --- a/shared/nm-glib-aux/nm-macros-internal.h +++ b/shared/nm-glib-aux/nm-macros-internal.h @@ -1657,11 +1657,13 @@ static inline char * _nm_strndup_a_step (char *s, const char *str, gsize len) { NM_PRAGMA_WARNING_DISABLE ("-Wstringop-truncation"); + NM_PRAGMA_WARNING_DISABLE ("-Wstringop-overflow"); if (len > 0) strncpy (s, str, len); s[len] = '\0'; return s; NM_PRAGMA_WARNING_REENABLE; + NM_PRAGMA_WARNING_REENABLE; } /* Similar to g_strndup(), however, if the string (including the terminating |