Created attachment 269777 [details] Build log You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer. Even though this is not always an indication of a security problem it might even be. So please check this out ASAP. By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0. Thanks, Your friendly neighborhood tinderboxer
Original report: """ In function ‘bzero’, inlined from ‘DeallocateFile’ at SExtents.c:701:3: /usr/include/bits/string3.h:98:3: warning: call to __builtin___memset_chk will always overflow destination buffer [enabled by default] In function ‘bzero’, inlined from ‘DeallocateFile’ at SExtents.c:704:3: /usr/include/bits/string3.h:98:3: warning: call to __builtin___memset_chk will always overflow destination buffer [enabled by default] """ Nowadays' gcc detects the same: """ x86_64-pc-linux-gnu-gcc -march=sandybridge -mtune=sandybridge -maes --param=l1-cache-size=32 --param=l1-cache-line-size=64 --param=l2-cache-size=8192 -O2 -pipe -fdiagnostics-show-option -frecord-gcc-switches -Wall -Wextra -Wstack-protector -frecord-gcc-switches -frecord-gcc-switches -Wall -I/tmp/portage/sys-fs/diskdev_cmds-332.14_p1-r3/work/diskdev_cmds-332.14/include -DDEBUG_BUILD=0 -D_FILE_OFFSET_BITS=64 -D LINUX=1 -D BSD=1 -c -o SExtents.o SExtents.c In file included from /usr/include/strings.h:144, from /usr/include/string.h:432, from SRuntime.h:36, from BTree.h:37, from SExtents.c:37: In function 'bzero', inlined from 'DeallocateFile' at SExtents.c:701:3: /usr/include/bits/strings_fortified.h:31:10: warning: '__builtin___memset_chk' forming offset [64, 75] is out of the bounds [0, 64] of object 'dataForkExtents' with type 'HFSPlusExtentRecord' {aka 'HFSPlusExtentDescriptor[8]'} [-Warray-bounds] 31 | (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SExtents.c: In function 'DeallocateFile': SExtents.c:687:23: note: 'dataForkExtents' declared here 687 | HFSPlusExtentRecord dataForkExtents; | ^~~~~~~~~~~~~~~ In file included from /usr/include/strings.h:144, from /usr/include/string.h:432, from SRuntime.h:36, from BTree.h:37, from SExtents.c:37: In function 'bzero', inlined from 'DeallocateFile' at SExtents.c:704:3: /usr/include/bits/strings_fortified.h:31:10: warning: '__builtin___memset_chk' forming offset [64, 75] is out of the bounds [0, 64] of object 'rsrcForkExtents' with type 'HFSPlusExtentRecord' {aka 'HFSPlusExtentDescriptor[8]'} [-Warray-bounds] 31 | (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ """
The code in question is: """ ClearMemory(&dataForkExtents[i].startBlock, sizeof(HFSPlusExtentRecord) - sizeof(HFSExtentRecord)); ClearMemory(&rsrcForkExtents[i].startBlock, sizeof(HFSPlusExtentRecord) - sizeof(HFSExtentRecord)); """ It's a bit fishy to follow, but it does not look immediately incorrect.
