Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 865353 Details for
Bug 908809
x11-libs/qwt:6[qt6]: sandbox causes qmake to fail: Project ERROR: Cannot run compiler 'g++'
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix sys-apps/sandbox-2.35 QA-notice
sandbox-2.35.patch (text/plain), 5.47 KB, created by
gto7052
on 2023-07-10 17:35:28 UTC
(
hide
)
Description:
fix sys-apps/sandbox-2.35 QA-notice
Filename:
MIME Type:
Creator:
gto7052
Created:
2023-07-10 17:35:28 UTC
Size:
5.47 KB
patch
obsolete
># Fix QA Notices in sys-apps/sandbox-2.35 (and maybe also some recently reported sandbox errors) ># * QA Notice: Package triggers severe warnings which indicate that it ># * may exhibit random runtime failures. ># * /tmp/portage/sys-apps/sandbox-2.35/work/sandbox-2.35/src/environ.c:211:19: warning: the comparison will always evaluate as âtrueâ for the address of âwork_dirâ will never be NULL [-Waddress] ># * /tmp/portage/sys-apps/sandbox-2.35/work/sandbox-2.35/libsandbox/canonicalize.c:113:41: warning: passing argument 2 to 'restrict'-qualified parameter aliases with argument 1 [-Wrestrict] ># * /tmp/portage/sys-apps/sandbox-2.35/work/sandbox-2.35/libsandbox/libsandbox.c:144:9: warning: passing argument 2 to 'restrict'-qualified parameter aliases with argument 1 [-Wrestrict] ># ># * Please do not file a Gentoo bug and instead report the above QA ># * issues directly to the upstream developers of this software. ># * Homepage: https://wiki.gentoo.org/wiki/Project:Sandbox > > >diff --git a/libsandbox/canonicalize.c b/libsandbox/canonicalize.c >index f742ed4..68391c7 100644 >--- a/libsandbox/canonicalize.c >+++ b/libsandbox/canonicalize.c >@@ -110,10 +110,17 @@ erealpath(const char *name, char *resolved) > if (lstat64(rpath, &st)) > break; > if (S_ISLNK(st.st_mode)) { >- ssize_t cnt = readlink(rpath, rpath, path_max); >+ /* avoid undefined behaviour resulting from passing rpath >+ * as source and destination buffer to readlink: >+ * warning: passing argument 2 to 'restrict'-qualified >+ * parameter aliases with argument 1 [-Wrestrict] >+ */ >+ char buffer[path_max]; >+ ssize_t cnt = readlink(rpath, buffer, sizeof(buffer)); > if (cnt == -1) > break; >- rpath[cnt] = '\0'; >+ buffer[cnt] = '\0'; >+ strcpy(rpath,buffer); > if (p) { > size_t bytes_left = strlen(p); > if (bytes_left >= path_max) >diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c >index 847b4e2..55347b9 100644 >--- a/libsandbox/libsandbox.c >+++ b/libsandbox/libsandbox.c >@@ -131,7 +131,7 @@ int resolve_dirfd_path(int dirfd, const char *path, char *resolved_path, > > save_errno(); > >- size_t at_len = resolved_path_len - 1 - 1 - (path ? strlen(path) : 0); >+ /*unused: size_t at_len = resolved_path_len - 1 - 1 - (path ? strlen(path) : 0);*/ > if (trace_pid) { > sprintf(resolved_path, "/proc/%i/fd/%i", trace_pid, dirfd); > } else { >@@ -141,7 +141,16 @@ int resolve_dirfd_path(int dirfd, const char *path, char *resolved_path, > */ > sprintf(resolved_path, "%s/%i", sb_get_fd_dir(), dirfd); > } >- ssize_t ret = readlink(resolved_path, resolved_path, at_len); >+ >+ >+ /* avoid undefined behaviour resulting from passing resolved_path >+ * as source and destination buffer to readlink: >+ * C99 warning: passing argument 2 to 'restrict'-qualified >+ * parameter aliases with argument 1 [-Wrestrict] >+ */ >+ char buffer[resolved_path_len]; >+ >+ ssize_t ret = readlink(resolved_path, buffer, sizeof(buffer)); > if (ret == -1) { > /* see comments at end of check_syscall() */ > if (errno_is_too_long()) { >@@ -153,11 +162,25 @@ int resolve_dirfd_path(int dirfd, const char *path, char *resolved_path, > if (errno == ENOENT) > errno = EBADF; > return -1; >- } >- resolved_path[ret] = '/'; >- resolved_path[ret + 1] = '\0'; >- if (path) >- strcat(resolved_path, path); >+ } else if (ret + 1 >= sizeof(buffer)) { >+ errno = ENOMEM; >+ sb_debug_dyn("AT_FD LOOKUP: unsufficient buffer space for resolved_path; max len is %ld; %s\n", sizeof(buffer), strerror(errno)); >+ return -1; >+ } >+ >+ buffer[ret] = '/'; >+ buffer[ret + 1] = '\0'; >+ if (path) { >+ if ( strlen(buffer) + strlen(path) + 1 < sizeof(buffer) ) { >+ strcat(buffer, path); >+ } else { >+ errno = ENOMEM; >+ sb_debug_dyn("AT_FD LOOKUP: unsufficient buffer space for resolved_path+path; max len is %ld; %s\n", sizeof(buffer), strerror(errno)); >+ return -1; >+ } >+ } >+ >+ strcpy(resolved_path,buffer); > > restore_errno(); > return 0; >diff --git a/src/environ.c b/src/environ.c >index 542dd64..2b28c0b 100644 >--- a/src/environ.c >+++ b/src/environ.c >@@ -208,7 +208,7 @@ static int setup_cfg_vars(struct sandbox_info_t *sandbox_info) > if (-1 == setup_access_var(ENV_SANDBOX_WRITE)) > return -1; > if ((NULL == getenv(ENV_SANDBOX_WRITE)) && >- (NULL != sandbox_info->work_dir)) >+ strlen(sandbox_info->work_dir)) > setenv(ENV_SANDBOX_WRITE, sandbox_info->work_dir, 1); > > if (-1 == setup_access_var(ENV_SANDBOX_PREDICT)) >diff --git a/src/sandbox.c b/src/sandbox.c >index ed0c7f6..7951d46 100644 >--- a/src/sandbox.c >+++ b/src/sandbox.c >@@ -34,10 +34,12 @@ const char sbio_fallback_path[] = "/dev/stderr"; > > static int setup_sandbox(struct sandbox_info_t *sandbox_info, bool interactive) > { >- if (NULL != getenv(ENV_PORTAGE_TMPDIR)) { >- /* Portage handle setting SANDBOX_WRITE itself. */ >- sandbox_info->work_dir[0] = '\0'; >- } else { >+ /* avoid using uninitialized fields */ >+ memset(sandbox_info,0,sizeof(*sandbox_info)); >+ >+ >+ if (NULL == getenv(ENV_PORTAGE_TMPDIR)) { >+ /* Portage does not handle setting SANDBOX_WRITE itself. */ > if (NULL == getcwd(sandbox_info->work_dir, SB_PATH_MAX)) { > sb_pwarn("failed to get current directory"); > return -1; >@@ -249,7 +251,7 @@ int main(int argc, char **argv) > dputs("Setting up the required environment variables."); > > /* If not in portage, cd into it work directory */ >- if ('\0' != sandbox_info.work_dir[0]) >+ if (strlen(sandbox_info.work_dir)) > if (chdir(sandbox_info.work_dir)) > sb_perr("chdir(%s) failed", sandbox_info.work_dir); >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 908809
:
864179
|
864419
|
864511
| 865353