bench-slope.c: potential buffer overflows
Closed, Resolved (Public)

Description

libtool: link: /usr/local/bin/scan-build/ccc-analyzer -I/usr/local/include -g3
-O1 -fvisibility=hidden -Wall -o benchmark benchmark.o ../src/.libs/libgcrypt.a
-L/usr/local/lib ../compat/.libs/libcompat.a /usr/local/lib/libgpg-error.so
/usr/local/bin/scan-build/ccc-analyzer -DHAVE_CONFIG_H -I. -I.. -I../src
-I../src -I/usr/local/include -g3 -O1 -fvisibility=hidden -Wall -MT
bench-slope.o -MD -MP -MF .deps/bench-slope.Tpo -c -o bench-slope.o bench-slope.c
bench-slope.c:537:36: warning: Potential buffer overflow. Replace with
'sizeof(nsecpbyte_buf) - strlen(nsecpbyte_buf) - 1' or use a safer 'strlcat' API

strncat (nsecpbyte_buf, " ns/B", sizeof (nsecpbyte_buf) - 1);
                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~

/usr/include/x86_64-linux-gnu/bits/string2.h:784:63: note: expanded from macro
'strncat'

define strncat(dest, src, n) __builtin_strncat (dest, src, n)

^

bench-slope.c:538:34: warning: Potential buffer overflow. Replace with
'sizeof(mbpsec_buf) - strlen(mbpsec_buf) - 1' or use a safer 'strlcat' API

strncat (mbpsec_buf, " MiB/s", sizeof (mbpsec_buf) - 1);
                               ^~~~~~~~~~~~~~~~~~~~~~~

/usr/include/x86_64-linux-gnu/bits/string2.h:784:63: note: expanded from macro
'strncat'

define strncat(dest, src, n) __builtin_strncat (dest, src, n)

^

bench-slope.c:539:3: warning: Size argument is greater than the free space in
the destination buffer

strncat (cpbyte_buf, " c/B", sizeof (cpbyte_buf) - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

/usr/include/x86_64-linux-gnu/bits/string2.h:784:33: note: expanded from macro
'strncat'

define strncat(dest, src, n) __builtin_strncat (dest, src, n)

^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bench-slope.c:539:32: warning: Potential buffer overflow. Replace with
'sizeof(cpbyte_buf) - strlen(cpbyte_buf) - 1' or use a safer 'strlcat' API

strncat (cpbyte_buf, " c/B", sizeof (cpbyte_buf) - 1);
                             ^~~~~~~~~~~~~~~~~~~~~~~

/usr/include/x86_64-linux-gnu/bits/string2.h:784:63: note: expanded from macro
'strncat'

define strncat(dest, src, n) __builtin_strncat (dest, src, n)

^

4 warnings generated.

Details

Version
1.6.3
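The bound the analyzer warnings above are about, as an added example (not code from bench-slope.c or libgcrypt): the third argument of strncat limits how many bytes are taken from the source, not the size of the destination, so the safe value is the free space left after what the buffer already holds. The helper names, the 16-byte buffer and the sample strings are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Bytes that strncat(dest, src, n) touches counted from dest[0], including
   the terminating NUL: strlen(dest) + min(n, strlen(src)) + 1. */
static size_t strncat_extent(const char *dest, const char *src, size_t n)
{
  size_t add = strlen(src);
  if (add > n)
    add = n;
  return strlen(dest) + add + 1;
}

/* Returns 1 when that call stays inside a destsize-byte buffer. */
static int strncat_fits(const char *dest, size_t destsize,
                        const char *src, size_t n)
{
  return strncat_extent(dest, src, n) <= destsize;
}

/* Hypothetical helper: append using the bound the analyzer suggests,
   destsize - strlen(dest) - 1.  Returns 0 on a full append, 1 if src was
   truncated, -1 if dest is not NUL-terminated within destsize. */
static int append_bounded(char *dest, size_t destsize, const char *src)
{
  size_t room;

  if (destsize == 0 || memchr(dest, '\0', destsize) == NULL)
    return -1;
  room = destsize - strlen(dest) - 1;
  strncat(dest, src, room);
  return strlen(src) > room;
}

int main(void)
{
  char buf[16] = "1234.567";  /* constructed sample, not from bench-slope.c */
  int rc;

  /* Flagged pattern with a 9-char suffix: 8 + 9 + 1 = 18 bytes > 16. */
  printf("sizeof-1 bound fits: %d\n",
         strncat_fits(buf, sizeof buf, " MiB/sec!", sizeof buf - 1));
  rc = append_bounded(buf, sizeof buf, " MiB/s");
  printf("append_bounded: %d -> \"%s\"\n", rc, buf);
  return 0;
}
```

Whether the flagged pattern actually writes out of bounds depends on the current contents and the suffix length, which is why the analyzer words it as a potential overflow.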

Event Timeline

JW set Version to 1.6.3.
JW added a subscriber: JW.
werner claimed this task.
werner added a project: Mistaken.

No c+p of warnings please! Use gnupg-devel for such things.