From patchwork Thu Aug 19 22:22:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Noah Evans X-Patchwork-Id: 32191 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 07B0B27BC6B; Thu, 19 Aug 2021 23:23:12 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, HTML_MESSAGE,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS, T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id E5E3627BC78 for ; Thu, 19 Aug 2021 23:23:10 +0100 (BST) Received: from localhost ([::1]:37872 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mGqRK-0008Gk-2E for patchwork@mira.cbaines.net; Thu, 19 Aug 2021 18:23:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:53774) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mGqRC-0008Gc-JL for guix-patches@gnu.org; Thu, 19 Aug 2021 18:23:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:49374) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mGqRC-0004d2-Bi for guix-patches@gnu.org; Thu, 19 Aug 2021 18:23:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mGqRC-00082Q-4g for guix-patches@gnu.org; Thu, 19 Aug 2021 18:23:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50128] [PATCH core-updates-frozen] gnu: libsepol: Fix build. Resent-From: Noah Evans Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 19 Aug 2021 22:23:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 50128 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50128@debbugs.gnu.org X-Debbugs-Original-To: "guix-patches@gnu.org" Received: via spool by submit@debbugs.gnu.org id=B.162941176030856 (code B ref -1); Thu, 19 Aug 2021 22:23:01 +0000 Received: (at submit) by debbugs.gnu.org; 19 Aug 2021 22:22:40 +0000 Received: from localhost ([127.0.0.1]:60920 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mGqQp-00081c-Lu for submit@debbugs.gnu.org; Thu, 19 Aug 2021 18:22:40 -0400 Received: from lists.gnu.org ([209.51.188.17]:41274) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mGqQn-00081U-Bh for submit@debbugs.gnu.org; Thu, 19 Aug 2021 18:22:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:53756) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mGqQn-0008Ew-3h for guix-patches@gnu.org; Thu, 19 Aug 2021 18:22:37 -0400 Received: from mail-0201.mail-europe.com ([51.77.79.158]:59559) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mGqQj-0004KD-LZ for guix-patches@gnu.org; Thu, 19 Aug 2021 18:22:36 -0400 Date: Thu, 19 Aug 2021 22:22:20 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nevans.me; s=protonmail2; t=1629411744; bh=l2eylCGYJ8d4WN1t1RnnyEkmaNO00AmkPPUumYPB9Rc=; h=Date:To:From:Reply-To:Subject:From; b=Y/4U4+2ze/BAcHbuHVD8keIK0EXg8SzH8VKgj0So57TpOl2FYz2X/w5d6eg27cuSD +W8OWgs4Zc4UeN8jfnHcEefZy/l+d2T23HZyt8hNaknHiEzwoTqFXgquGhSsG94OR4 iE3Ua90GXFcHIPrhFNoS5ZuefQe79W4fscYp+dcks57EiyIfFkWR7mzvDaX6l1KPPX smWPGM2OupoiVnKA8+UnvucJR+xXWhnQ5TkZPYL3LS7PqtG0TmUWvPV8uEgAlbLBoL AKskWPjmo4eDeBifDXbOymmDukhdmoz5iV65uPEPVIVuxQr/bPzvJA0RpBsdA4mOkr 2i1kVYyjkLhDQ== From: Noah Evans Message-ID: <9NQooI4o8z-uFEla2gQE_BW33e1nehl_d8k15dMF5MdmVN7L_kFaZj__pPbd8tCgTnMcOR-fD46XJzCjdAiOgkVcYnwNnGwX2KChPUZWc5A=@nevans.me> MIME-Version: 1.0 Received-SPF: pass client-ip=51.77.79.158; envelope-from=noah@nevans.me; helo=mail-0201.mail-europe.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Noah Evans Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches libsepol fails due to -Werror=stringop-truncation. I attatched a patch that uses an upstream commit to fix the warning, or we could just disable Werror. From 88e6d094bfb5341b0c0fe3a7267396e774b43abb Mon Sep 17 00:00:00 2001 From: Noah Evans Date: Thu, 19 Aug 2021 17:56:30 -0400 Subject: [PATCH core-updates-frozen] gnu: libsepol: Fix build. --- ...epol-fix-stringop-truncation-warning.patch | 90 +++++++++++++++++++ gnu/packages/selinux.scm | 4 + 2 files changed, 94 insertions(+) create mode 100644 gnu/packages/patches/libsepol-fix-stringop-truncation-warning.patch -- 2.33.0 diff --git a/gnu/packages/patches/libsepol-fix-stringop-truncation-warning.patch b/gnu/packages/patches/libsepol-fix-stringop-truncation-warning.patch new file mode 100644 index 0000000000..59f9513d7a --- /dev/null +++ b/gnu/packages/patches/libsepol-fix-stringop-truncation-warning.patch @@ -0,0 +1,90 @@ +Taken from upstream: +. + +From 07d6f1cea5a8ec0251606636189bc519d80b0729 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Thu, 1 Jul 2021 20:07:07 +0200 +Subject: [PATCH] libsepol: assure string NUL-termination of ibdev_name +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Clang complains: + + ibendport_record.c: In function ‘sepol_ibendport_get_ibdev_name’: + ibendport_record.c:169:2: error: ‘strncpy’ specified bound 64 equals destination size [-Werror=stringop-truncation] + 169 | strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ibendport_record.c: In function ‘sepol_ibendport_set_ibdev_name’: + ibendport_record.c:189:2: error: ‘strncpy’ specified bound 64 equals destination size [-Werror=stringop-truncation] + 189 | strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +strncpy(3) does not NUL-terminate the destination if the source is of +the same length or longer then the specified size. +The source of these copies are retrieved from +sepol_ibendport_alloc_ibdev_name(), which allocates a fixed amount of +IB_DEVICE_NAME_MAX bytes. +Reduce the size to copy by 1 of all memory regions allocated by +sepol_ibendport_alloc_ibdev_name(). + +Signed-off-by: Christian Göttsche +--- + libsepol/src/ibendport_record.c | 8 ++++---- + libsepol/src/ibendports.c | 2 +- + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/libsepol/src/ibendport_record.c b/libsepol/src/ibendport_record.c +index adf671615..1eb50914b 100644 +--- a/libsepol/src/ibendport_record.c ++++ b/libsepol/src/ibendport_record.c +@@ -62,7 +62,7 @@ int sepol_ibendport_key_create(sepol_handle_t *handle, + if (sepol_ibendport_alloc_ibdev_name(handle, &tmp_key->ibdev_name) < 0) + goto err; + +- strncpy(tmp_key->ibdev_name, ibdev_name, IB_DEVICE_NAME_MAX); ++ strncpy(tmp_key->ibdev_name, ibdev_name, IB_DEVICE_NAME_MAX - 1); + tmp_key->port = port; + + *key_ptr = tmp_key; +@@ -166,7 +166,7 @@ int sepol_ibendport_get_ibdev_name(sepol_handle_t *handle, + if (sepol_ibendport_alloc_ibdev_name(handle, &tmp_ibdev_name) < 0) + goto err; + +- strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX); ++ strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX - 1); + *ibdev_name = tmp_ibdev_name; + return STATUS_SUCCESS; + +@@ -186,7 +186,7 @@ int sepol_ibendport_set_ibdev_name(sepol_handle_t *handle, + if (sepol_ibendport_alloc_ibdev_name(handle, &tmp) < 0) + goto err; + +- strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX); ++ strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX - 1); + free(ibendport->ibdev_name); + ibendport->ibdev_name = tmp; + return STATUS_SUCCESS; +@@ -230,7 +230,7 @@ int sepol_ibendport_clone(sepol_handle_t *handle, + if (sepol_ibendport_alloc_ibdev_name(handle, &new_ibendport->ibdev_name) < 0) + goto omem; + +- strncpy(new_ibendport->ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX); ++ strncpy(new_ibendport->ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX - 1); + new_ibendport->port = ibendport->port; + + if (ibendport->con && +diff --git a/libsepol/src/ibendports.c b/libsepol/src/ibendports.c +index 6d56c9a17..ee5cb1930 100644 +--- a/libsepol/src/ibendports.c ++++ b/libsepol/src/ibendports.c +@@ -34,7 +34,7 @@ static int ibendport_from_record(sepol_handle_t *handle, + &ibdev_name) < 0) + goto err; + +- strncpy(tmp_ibendport->u.ibendport.dev_name, ibdev_name, IB_DEVICE_NAME_MAX); ++ strncpy(tmp_ibendport->u.ibendport.dev_name, ibdev_name, IB_DEVICE_NAME_MAX - 1); + + free(ibdev_name); + ibdev_name = NULL; + diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm index 8a75538d10..7c1466e555 100644 --- a/gnu/packages/selinux.scm +++ b/gnu/packages/selinux.scm @@ -55,6 +55,10 @@ (url "https://github.com/SELinuxProject/selinux") (commit version))) (file-name (git-file-name "selinux" version)) + (patches + (search-patches + ;; XXX: Remove patch in next release. + "libsepol-fix-stringop-truncation-warning.patch")) (sha256 (base32 "03p3lmvrvkcvsmiczsjzhyfgxlxdkdyq0p8igv3s3hdak5n92jjn"))))