[asterisk-dev] Fwd: Bug#925760: libss7: ftbfs with GCC-9

Dennis Buteyn dennis.buteyn at xorcom.com
Sun Mar 31 02:59:45 CDT 2019


GCC 8 added -Wstringop-truncation, specifically designed to detect 
strncat and strncpy bugs.

The errors given by GCC are valid; none of these strings are forcibly 
null-terminated after copy.

While I'm in no way an expert in the SS7 protocol stack, at a glance it 
seems that the only mitigation is that many/all of these fields appear 
to have a length that is shorter than the destination buffer (e.g. I 
believe called_party_num is at most 15 characters long; the buffer for 
it is 50 bytes in length). GCC does not know this and thus warns of a 
potential buffer overrun.

Still, someone should probably correct these issues.


Dennis Buteyn
Xorcom Ltd

On 3/29/19 10:39 AM, Tzafrir Cohen wrote:
> Hi,
>
>
> I wanted to report this as a bug on the libss7 component, but I failed
> to do so: there are no versions there and thus I can't set a version.
>
> Basically it seems gcc does not like strncpy with size same as the
> buffer size, as in case the source is not null-terminated, the target
> won't be.
>
>
>
> -------- Forwarded Message --------
> Subject: 	Bug#925760: libss7: ftbfs with GCC-9
>
>
> Package: src:libss7
> Version: 2.0.0-2
> Severity: normal
> Tags: sid bullseye
> User: debian-gcc at lists.debian.org
> Usertags: ftbfs-gcc-9
>
> Please keep this issue open in the bug tracker for the package it
> was filed for. If a fix in another package is required, please
> file a bug for the other package (or clone), and add a block in this
> package. Please keep the issue open until the package can be built in
> a follow-up test rebuild.
>
> The package fails to build in a test rebuild on at least amd64 with
> gcc-9/g++-9, but succeeds to build with gcc-8/g++-8. The
> severity of this report will be raised before the bullseye release,
> so nothing has to be done for the buster release.
>
> The full build log can be found at:
> http://people.debian.org/~doko/logs/gcc9-20190321/libss7_2.0.0-2_unstable_gcc9.log
> The last lines of the build log are at the end of this report.
>
> To build with GCC 9, either set CC=gcc-9 CXX=g++-9 explicitly,
> or install the gcc, g++, gfortran, ... packages from experimental.
>
> apt-get -t=experimental install g++
> Common build failures are new warnings resulting in build failures with
> -Werror turned on, or new/dropped symbols in Debian symbols files.
> For other C/C++ related build failures see the porting guide at
> http://gcc.gnu.org/gcc-9/porting_to.html
>
> GCC 9 also passes the linker option --as-needed by default; typical
> build issues are passing libraries before object files to the linker,
> or underlinking of convenience libraries built from the same source.
>
> [...]
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4337:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4341:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4347:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4350:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4353:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4361:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4362:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_event_iam' at isup.c:4366:2:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_receive' at isup.c:4101:4:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_receive' at isup.c:3862:4:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_receive' at isup.c:3837:4:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function 'strncpy',
> inlined from 'isup_receive' at isup.c:3639:4:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error:
> '__builtin_strncpy' output may be truncated copying 50 bytes from a
> string of length 63 [-Werror=stringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> gcc -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=.
> -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time
> -D_FORTIFY_SOURCE=2 -g -Wall -Werror -Wstrict-prototypes
> -Wmissing-prototypes -fPIC -O2 -MD -MT ss7_sched.o -MF .ss7_sched.o.d
> -MP -c -o ss7_sched.o ss7_sched.c
> gcc -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=.
> -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time
> -D_FORTIFY_SOURCE=2 -g -Wall -Werror -Wstrict-prototypes
> -Wmissing-prototypes -fPIC -O2 -MD -MT parser_debug.o -MF
> .parser_debug.o.d -MP -c -o parser_debug.o parser_debug.c
> gcc -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=.
> -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time
> -D_FORTIFY_SOURCE=2 -g -Wall -Werror -Wstrict-prototypes
> -Wmissing-prototypes -fPIC -O2 -MD -MT version.o -MF .version.o.d -MP -c
> -o version.o version.c
> cc1: all warnings being treated as errors
> make[1]: *** [Makefile:177: isup.o] Error 1
> make[1]: Leaving directory '/<<PKGBUILDDIR>>'
> dh_auto_build: make -j4 returned exit code 2
> make: *** [debian/rules:9: build-arch] Error 2
> dpkg-buildpackage: error: debian/rules build-arch subprocess returned
> exit status 2
>
>
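
Added example, not part of the original message and not libss7 code: the C program below reproduces the condition behind the diagnostic with the sizes from the build log (50-byte destination, 63-character source) and sets it beside a bounded copy that always terminates and reports truncation. The function names and the digit strings are hypothetical, constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NUM_BUF 50  /* destination size reported in the build log */
#define SRC_LEN 63  /* source string length reported in the build log */

/* 1 if buf contains a NUL within its first size bytes, else 0. */
static int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Hypothetical replacement: bounded copy that always terminates dst.
 * Returns 0 if src fit, -1 if it was truncated (or dst_size is 0). */
static int copy_terminated(char *dst, size_t dst_size, const char *src)
{
    size_t i;
    if (dst_size == 0)
        return -1;
    for (i = 0; i + 1 < dst_size && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0' ? 0 : -1;
}

#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC diagnostic ignored "-Wstringop-truncation" /* call below is deliberate */
#endif
/* The flagged pattern: bound equals the destination size and no terminator
 * is written afterwards. Returns 1 if dst ends up terminated, else 0. */
static int flagged_copy_is_terminated(const char *src)
{
    char dst[NUM_BUF];
    strncpy(dst, src, sizeof(dst));
    return is_terminated(dst, sizeof(dst));
}

int main(void)
{
    char longsrc[SRC_LEN + 1], dst[NUM_BUF];
    int rc;
    memset(longsrc, '7', SRC_LEN);          /* constructed 63-digit input */
    longsrc[SRC_LEN] = '\0';
    rc = copy_terminated(dst, sizeof(dst), longsrc);
    printf("strncpy, 63 chars: terminated=%d\n", flagged_copy_is_terminated(longsrc));
    printf("strncpy, 15 chars: terminated=%d\n", flagged_copy_is_terminated("123456789012345"));
    printf("copy_terminated:   rc=%d len=%zu\n", rc, strlen(dst));
    return 0;
}
```

With a 15-character source strncpy pads the rest of the buffer with NULs, which is why the short-field case mentioned above is safe in practice even though the compiler cannot prove it.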


