[PATCH] Enforce strict overflow checking

Andrew Bartlett abartlet at samba.org
Fri Mar 2 09:16:22 UTC 2018


On Fri, 2018-03-02 at 10:02 +0100, Andreas Schneider via samba-technical wrote:
> Hello,
> 
> in a lot of places we use the incorrect size types, which could lead to 
> issues. This is mostly int vs. size_t.
> 
> 	-Werror=strict-overflow -Wstrict-overflow=2
> 
> this allows us to enforce the correct size types. We could discuss moving 
> to -Wstrict-overflow=3 but higher values don't make sense. You also get 
> false positives with 4 or 5.
> 
> 
> The ms_fnmatch() patchset needs to be in master first, as it addresses a 
> strict-overflow issue (currently in autobuild).
> 
> 
> Review is much appreciated.

Thanks for the Heimdal pull request.  I've got merge rights there so
bug me if this doesn't land early next week.

Aside from:

> From 9042bdc220419ba8cdef37fa942562261fadca5a Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Thu, 7 Dec 2017 16:40:51 +0100
> Subject: [PATCH 32/39] lib:param: Fix P_LIST case in set_variable_helper()
> 
> This fixes compilation with -Wstrict-overflow=2
> 
> Signed-off-by: Andreas Schneider <asn at samba.org>

and

> Subject: [PATCH 35/39] s3:locking: Fix integer overflow check in
>  posix_lock_in_range()
> 
> This fixes compilation with -Wstrict-overflow=2
> 
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
>  source3/locking/posix.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 

and

> From f3dea9f7382ddee9307146d3beeb97c9b3f2ba78 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Thu, 7 Dec 2017 18:01:45 +0100
> Subject: [PATCH 36/39] s3:printing: Fix size check in get_file_version()
> 
> This fixes compilation with -Wstrict-overflow=2
> 
> Signed-off-by: Andreas Schneider <asn at samba.org>

which might be fine, but it is after 10pm here and I'm not actually a
night-owl :-)

Reviewed-by: Andrew Bartlett <abartlet at samba.org>

As this is about integer overflow, another set of eyes would be good,
but not compulsory.  

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
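
An added example, not taken from the patch series or from Samba's code: the kind of signed range check that the -Wstrict-overflow warnings discussed in this thread are aimed at, next to two forms that do not depend on signed wraparound. All function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Fragile (hypothetical): if offset + count overflows, that is undefined
 * behaviour for int, so an optimising compiler may assume it cannot happen
 * and simplify the "< offset" comparison away. -Wstrict-overflow warns
 * when the compiler optimises on that assumption.
 */
static bool range_ok_fragile(int offset, int count)
{
    return !(offset + count < offset);
}

/* Signed operands: compare against the limit before adding. */
static bool range_ok_signed(int offset, int count)
{
    if (offset < 0 || count < 0) {
        return false;
    }
    return count <= INT_MAX - offset;
}

/* size_t operands: unsigned wraparound is defined, but still reject it. */
static bool range_end(size_t offset, size_t count, size_t *end)
{
    if (count > SIZE_MAX - offset) {
        return false;
    }
    *end = offset + count;
    return true;
}

int main(void)
{
    size_t end = 0;

    /* The fragile check is only called with values that cannot overflow. */
    printf("fragile(1, 2)        = %d\n", range_ok_fragile(1, 2));
    printf("signed(INT_MAX, 1)   = %d\n", range_ok_signed(INT_MAX, 1));
    printf("signed(10, 20)       = %d\n", range_ok_signed(10, 20));
    printf("size_t(SIZE_MAX, 1)  = %d\n", range_end(SIZE_MAX, 1, &end));
    printf("size_t(4, 6)         = %d\n", range_end(4, 6, &end));
    return 0;
}
```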



