lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1541008491.29722.36.camel@debian.org>
Date:   Wed, 31 Oct 2018 17:54:51 +0000
From:   Luca Boccassi <bluca@...ian.org>
To:     Stephen Hemminger <stephen@...workplumber.org>
Cc:     netdev@...r.kernel.org, dsahern@...il.com
Subject: Re: [PATCH iproute2] Use libbsd for strlcpy if available

On Wed, 2018-10-31 at 08:09 -0700, Stephen Hemminger wrote:
> On Mon, 29 Oct 2018 10:46:50 +0000
> Luca Boccassi <bluca@...ian.org> wrote:
> 
> > If libc does not provide strlcpy check for libbsd with pkg-config
> > to
> > avoid relying on inline version.
> > 
> > Signed-off-by: Luca Boccassi <bluca@...ian.org>
> > ---
> > This allows distro maintainers to be able to choose to reduce
> > duplication and let this code be maintained in one place, in the
> > external library.
> > 
> 
> I like the idea, but it causes warnings on Debian testing, and maybe
> other distros.
> 
> ipnetns.c:2: warning: "_ATFILE_SOURCE" redefined
>  #define _ATFILE_SOURCE
>  
> In file included from /usr/include/x86_64-linux-gnu/bits/libc-header-
> start.h:33,
>                  from /usr/include/string.h:26,
>                  from /usr/include/bsd/string.h:30,
>                  from <command-line>:
> /usr/include/features.h:326: note: this is the location of the
> previous definition
>  # define _ATFILE_SOURCE 1
> 
> 
> Please figure out how to handle this and resubmit.  SUSE open build
> service might
> also work to test multiple distro's

Ah missed that. That happens because features.h defines _ATFILE_SOURCE
to 1, but ip/ipnetns.c defines it without a value. According to the
spec either way doesn't change the result.

This happens because of the quick hack of using -include
/usr/include/bsd/string.h which was, well, a quick hack and didn't
require to add the include manually everywhere strlcpy was used, even
in the future. But it has side effects like this.

So I'll send v2 with a less hacky fix, which means defining HAVE_LIBBSD
in configure and doing #ifdef HAVE_LIBBSD #include <bsd/string.h> in
every file. It also means that this needs to be done for every future
use of strlcpy, or the build with libbsd will break.

If you or David prefer the hacky way, I can instead send a v3 that does
the quick hack, and also changes _ATFILE_SOURCE to 1 so that there is
no complaint from the compiler, as the values will be the same.

-- 
Kind regards,
Luca Boccassi
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ