[PATCH] Enforce strict overflow checking
Andreas Schneider
asn at samba.org
Wed Mar 21 18:41:54 UTC 2018
On Wednesday, 21 March 2018 19:22:45 CET Jeremy Allison wrote:
> On Thu, Mar 22, 2018 at 06:55:57AM +1300, Andrew Bartlett wrote:
> > On Wed, 2018-03-21 at 10:26 -0700, Jeremy Allison via samba-technical
> >
> > wrote:
> > > Spoke too soon. On my workstation the build passes,
> > >
> > > gcc -v
> > > gcc version 7.3.0 (Debian 7.3.0-5)
> > >
> > > but on sn-devel we have:
> > >
> > > [ 658/4270] Compiling lib/util/util_file.c
> > > ../lib/util/util_file.c: In function ???fgets_slash???:
> > > ../lib/util/util_file.c:108:8: error: assuming signed overflow does not
> > > occur when simplifying conditional to constant
> > > [-Werror=strict-overflow]> >
> > > while (len < maxlen-1) {
> > >
> > > ^
> > >
> > > ../lib/util/util_file.c:108:8: error: assuming signed overflow does not
> > > occur when simplifying conditional to constant
> > > [-Werror=strict-overflow] cc1: all warnings being treated as errors
> > >
> > > sn-devel-144:~$ gcc -v
> > > gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.4)
> > >
> > > Andreas, I think you're going to have to work this
> > > through on sn-devel first if it's going to go
> > > through.
> >
> > Or push to github and have travis-ci chew it over (make a pull request
> > or set it up on the source repo). Andreas did that (made a pull
>
> Yes, but that would mean pushing to a proprietary software-as-a-service
> provider, which is something we're trying to avoid.
>
> github != Free Software.
>
> We need to remember that. Yes I know I also work for a proprietary
> software-as-a-service vendor, but none of our infrastructure *depends*
> on it. I'm trying to avoid us drifting into that place by accident.
Attached is my current version. The ldb fixes don't work. I think this code
needs unit tests and some rethinking. I need to dive into that tomorrow.
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
>From 02b8f480a3d296748f6a493125598748ec8b61e5 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 14:32:49 +0100
Subject: [PATCH 01/13] third_party: Fix size type in cmocka
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
third_party/cmocka/cmocka.c | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/third_party/cmocka/cmocka.c b/third_party/cmocka/cmocka.c
index 14b2765b781..a5115c7cb5e 100644
--- a/third_party/cmocka/cmocka.c
+++ b/third_party/cmocka/cmocka.c
@@ -244,8 +244,8 @@ static void free_symbol_map_value(
static void remove_always_return_values(ListNode * const map_head,
const size_t number_of_symbol_names);
-static int check_for_leftover_values_list(const ListNode * head,
- const char * const error_message);
+static size_t check_for_leftover_values_list(const ListNode * head,
+ const char * const error_message);
static int check_for_leftover_values(
const ListNode * const map_head, const char * const error_message,
@@ -811,11 +811,11 @@ static void remove_always_return_values(ListNode * const map_head,
}
}
-static int check_for_leftover_values_list(const ListNode * head,
- const char * const error_message)
+static size_t check_for_leftover_values_list(const ListNode * head,
+ const char * const error_message)
{
ListNode *child_node;
- int leftover_count = 0;
+ size_t leftover_count = 0;
if (!list_empty(head))
{
for (child_node = head->next; child_node != head;
@@ -1952,10 +1952,10 @@ static const ListNode* check_point_allocated_blocks(void) {
/* Display the blocks allocated after the specified check point. This
* function returns the number of blocks displayed. */
-static int display_allocated_blocks(const ListNode * const check_point) {
+static size_t display_allocated_blocks(const ListNode * const check_point) {
const ListNode * const head = get_allocated_blocks_list();
const ListNode *node;
- int allocated_blocks = 0;
+ size_t allocated_blocks = 0;
assert_non_null(check_point);
assert_non_null(check_point->next);
@@ -1964,14 +1964,14 @@ static int display_allocated_blocks(const ListNode * const check_point) {
(const MallocBlockInfo*)node->value;
assert_non_null(block_info);
- if (!allocated_blocks) {
+ if (allocated_blocks == 0) {
cm_print_error("Blocks allocated...\n");
}
cm_print_error(SOURCE_LOCATION_FORMAT ": note: block %p allocated here\n",
block_info->location.file,
block_info->location.line,
block_info->block);
- allocated_blocks ++;
+ allocated_blocks++;
}
return allocated_blocks;
}
@@ -1997,10 +1997,10 @@ static void free_allocated_blocks(const ListNode * const check_point) {
/* Fail if any any blocks are allocated after the specified check point. */
static void fail_if_blocks_allocated(const ListNode * const check_point,
const char * const test_name) {
- const int allocated_blocks = display_allocated_blocks(check_point);
- if (allocated_blocks) {
+ const size_t allocated_blocks = display_allocated_blocks(check_point);
+ if (allocated_blocks > 0) {
free_allocated_blocks(check_point);
- cm_print_error("ERROR: %s leaked %d block(s)\n", test_name,
+ cm_print_error("ERROR: %s leaked %zu block(s)\n", test_name,
allocated_blocks);
exit_test(1);
}
--
2.16.2
>From 943d4f4acd98b26d40b413cb2e8d3001b022ce99 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 17:19:39 +0100
Subject: [PATCH 02/13] third_party: Fix overflow checking in pam_wrapper
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
third_party/pam_wrapper/pam_wrapper.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/third_party/pam_wrapper/pam_wrapper.c b/third_party/pam_wrapper/pam_wrapper.c
index 482b38841a3..36d0aa6a679 100644
--- a/third_party/pam_wrapper/pam_wrapper.c
+++ b/third_party/pam_wrapper/pam_wrapper.c
@@ -567,7 +567,6 @@ static int p_copy(const char *src, const char *dst, const char *pdir, mode_t mod
}
for (;;) {
- char *p;
bread = read(srcfd, buf, BUFFER_SIZE);
if (bread == 0) {
/* done */
@@ -580,16 +579,21 @@ static int p_copy(const char *src, const char *dst, const char *pdir, mode_t mod
/* EXTRA UGLY HACK */
if (pdir != NULL) {
- p = buf;
+ size_t i;
+
+ for (i = 0; i < BUFFER_SIZE; i++) {
+ if (buf[i] == '/') {
+ char *p = &buf[i];
+
+ if (i + 10 > BUFFER_SIZE) {
+ break;
+ }
- while (p < buf + BUFFER_SIZE) {
- if (*p == '/') {
cmp = memcmp(p, "/etc/pam.d", 10);
if (cmp == 0) {
memcpy(p, pdir, 10);
}
}
- p++;
}
}
--
2.16.2
>From 80798a805f07b7b546b8118ee6977c0dbbbfe20b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 7 Dec 2017 18:01:45 +0100
Subject: [PATCH 03/13] s3:printing: Fix size check in get_file_version()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
---
source3/printing/nt_printing.c | 24 ++++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 2e500f18c7d..241af37743e 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -485,19 +485,31 @@ static int get_file_version(files_struct *fsp, char *fname,uint32_t *major, uint
/* Potential match data crosses buf boundry, move it to beginning
* of buf, and fill the buf with as much as it will hold. */
if (i>byte_count-VS_VERSION_INFO_SIZE) {
- int bc;
+ ssize_t amount_read;
+ ssize_t amount_unused = byte_count-i;
- memcpy(buf, &buf[i], byte_count-i);
- if ((bc = vfs_read_data(fsp, &buf[byte_count-i], VS_NE_BUF_SIZE-
- (byte_count-i))) < 0) {
+ memmove(buf, &buf[i], amount_unused);
+ amount_read = vfs_read_data(fsp,
+ &buf[amount_unused],
+ VS_NE_BUF_SIZE- amount_unused);
+ if (amount_read < 0) {
DEBUG(0,("get_file_version: NE file [%s] Read error, errno=%d\n",
fname, errno));
goto error_exit;
}
- byte_count = bc + (byte_count - i);
- if (byte_count<VS_VERSION_INFO_SIZE) break;
+ if (amount_read + amount_unused <
+ amount_read) {
+ /* Check for integer wrap. */
+ break;
+ }
+
+ byte_count = amount_read +
+ amount_unused;
+ if (byte_count < VS_VERSION_INFO_SIZE) {
+ break;
+ }
i = 0;
}
--
2.16.2
>From 238ed20c0c6aaef40d64848efb828b69225b4763 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 11:19:44 +0100
Subject: [PATCH 04/13] s3:lib: Fix size types in ms_fnmatch()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source3/lib/ms_fnmatch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/source3/lib/ms_fnmatch.c b/source3/lib/ms_fnmatch.c
index 9763afefe76..a69407b5267 100644
--- a/source3/lib/ms_fnmatch.c
+++ b/source3/lib/ms_fnmatch.c
@@ -150,7 +150,8 @@ int ms_fnmatch(const char *pattern, const char *string, bool translate_pattern,
{
smb_ucs2_t *p = NULL;
smb_ucs2_t *s = NULL;
- int ret, count, i;
+ int ret;
+ size_t count, i;
struct max_n *max_n = NULL;
struct max_n *max_n_free = NULL;
struct max_n one_max_n;
--
2.16.2
>From 4b358566e3df2efea11b226f4d0e552a061b845b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 11:24:45 +0100
Subject: [PATCH 05/13] s3:lib: Fix size types in tldap_find_first_star()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source3/lib/tldap.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c
index 205a9cf2b06..bfb24ee8661 100644
--- a/source3/lib/tldap.c
+++ b/source3/lib/tldap.c
@@ -1262,7 +1262,8 @@ static bool tldap_find_first_star(const char *val, const char **star)
static bool tldap_unescape_inplace(char *value, size_t *val_len)
{
- int c, i, p;
+ int c;
+ size_t i, p;
for (i = 0,p = 0; i < *val_len; i++) {
--
2.16.2
>From 674d8c5087bf3841271d2aa511307aa3fa4aaca9 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 11:26:55 +0100
Subject: [PATCH 06/13] lib:param: Fix the size type in
lp_do_parameter_parametric()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
lib/param/loadparm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index b46700dfb54..0c1b28babbc 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -1598,7 +1598,7 @@ static bool lp_do_parameter_parametric(struct loadparm_context *lp_ctx,
static bool set_variable_helper(TALLOC_CTX *mem_ctx, int parmnum, void *parm_ptr,
const char *pszParmName, const char *pszParmValue)
{
- int i;
+ size_t i;
/* switch on the type of variable it is */
switch (parm_table[parmnum].type)
--
2.16.2
>From 93ba2814212c461ce481f59f442868fbb377f1b1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 12:49:38 +0100
Subject: [PATCH 07/13] lib:util: Fix size types in fgets_slash()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
lib/util/samba_util.h | 2 +-
lib/util/util_file.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h
index b78252316c8..7b96a595d43 100644
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -352,7 +352,7 @@ const char **str_list_make_v3_const(TALLOC_CTX *mem_ctx,
*/
_PUBLIC_ char *afdgets(int fd, TALLOC_CTX *mem_ctx, size_t hint);
-char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, int maxlen, FILE *f);
+char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, size_t maxlen, FILE *f);
/**
load a file into memory from a fd.
diff --git a/lib/util/util_file.c b/lib/util/util_file.c
index 499e8c46693..bf2f3e1a27f 100644
--- a/lib/util/util_file.c
+++ b/lib/util/util_file.c
@@ -79,10 +79,10 @@ _PUBLIC_ char *afdgets(int fd, TALLOC_CTX *mem_ctx, size_t hint)
return data;
}
-char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, int maxlen, FILE *f)
+char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, size_t maxlen, FILE *f)
{
char *s = s2;
- int len = 0;
+ size_t len = 0;
int c;
bool start_of_line = true;
--
2.16.2
>From b0dfd8a1e30768b335ab69d32ae698d30290c863 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 11:55:45 +0100
Subject: [PATCH 08/13] talloc: Fix size type and checks in _vasprintf_tc
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
lib/talloc/talloc.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c
index cd159ef89c2..430ebc70f54 100644
--- a/lib/talloc/talloc.c
+++ b/lib/talloc/talloc.c
@@ -2554,7 +2554,8 @@ static struct talloc_chunk *_vasprintf_tc(const void *t,
const char *fmt,
va_list ap)
{
- int len;
+ int vlen;
+ size_t len;
char *ret;
va_list ap2;
struct talloc_chunk *tc;
@@ -2562,9 +2563,13 @@ static struct talloc_chunk *_vasprintf_tc(const void *t,
/* this call looks strange, but it makes it work on older solaris boxes */
va_copy(ap2, ap);
- len = vsnprintf(buf, sizeof(buf), fmt, ap2);
+ vlen = vsnprintf(buf, sizeof(buf), fmt, ap2);
va_end(ap2);
- if (unlikely(len < 0)) {
+ if (unlikely(vlen < 0)) {
+ return NULL;
+ }
+ len = vlen;
+ if (unlikely(len + 1 < len)) {
return NULL;
}
--
2.16.2
>From 075b9dbc64d1a960da920a025c34ce957acfb59c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 16:46:49 +0100
Subject: [PATCH 09/13] s4:registry: Fix size type and loops
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source4/lib/registry/tools/regshell.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/source4/lib/registry/tools/regshell.c b/source4/lib/registry/tools/regshell.c
index 5308d30e849..48251c33ea4 100644
--- a/source4/lib/registry/tools/regshell.c
+++ b/source4/lib/registry/tools/regshell.c
@@ -428,7 +428,7 @@ static char **reg_complete_command(const char *text, int start, int end)
/* Complete command */
char **matches;
size_t len, samelen=0;
- int i, count=1;
+ size_t i, count = 1;
matches = malloc_array_p(char *, MAX_COMPLETIONS);
if (!matches) return NULL;
@@ -463,10 +463,8 @@ static char **reg_complete_command(const char *text, int start, int end)
return matches;
cleanup:
- count--;
- while (count >= 0) {
- free(matches[count]);
- count--;
+ for (i = 0; i < count; i++) {
+ free(matches[i]);
}
free(matches);
return NULL;
--
2.16.2
>From 82dfb60df024f27cf0c0aa3e56ac9e2989a28acc Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 13:02:26 +0100
Subject: [PATCH 10/13] heimdal: Fix size types and array access
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
.../heimdal/lib/gssapi/mech/gss_set_cred_option.c | 2 +-
source4/heimdal/lib/krb5/addr_families.c | 29 +++++++++++++---------
2 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c b/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c
index d33453d92fe..653565b856d 100644
--- a/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c
+++ b/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c
@@ -41,7 +41,7 @@ gss_set_cred_option (OM_uint32 *minor_status,
struct _gss_cred *cred = (struct _gss_cred *) *cred_handle;
OM_uint32 major_status = GSS_S_COMPLETE;
struct _gss_mechanism_cred *mc;
- int one_ok = 0;
+ OM_uint32 one_ok = 0;
*minor_status = 0;
diff --git a/source4/heimdal/lib/krb5/addr_families.c b/source4/heimdal/lib/krb5/addr_families.c
index 5d321a7e917..1f7b7266608 100644
--- a/source4/heimdal/lib/krb5/addr_families.c
+++ b/source4/heimdal/lib/krb5/addr_families.c
@@ -803,7 +803,7 @@ static struct addr_operations at[] = {
}
};
-static int num_addrs = sizeof(at) / sizeof(at[0]);
+static size_t num_addrs = sizeof(at) / sizeof(at[0]);
static size_t max_sockaddr_size = 0;
@@ -814,22 +814,26 @@ static size_t max_sockaddr_size = 0;
static struct addr_operations *
find_af(int af)
{
- struct addr_operations *a;
+ size_t i;
- for (a = at; a < at + num_addrs; ++a)
- if (af == a->af)
- return a;
+ for (i = 0; i < num_addrs; i++) {
+ if (af == at[i].af) {
+ return &at[i];
+ }
+ }
return NULL;
}
static struct addr_operations *
find_atype(krb5_address_type atype)
{
- struct addr_operations *a;
+ size_t i;
- for (a = at; a < at + num_addrs; ++a)
- if (atype == a->atype)
- return a;
+ for (i = 0; i < num_addrs; i++) {
+ if (atype == at[i].atype) {
+ return &at[i];
+ }
+ }
return NULL;
}
@@ -949,10 +953,11 @@ KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL
krb5_max_sockaddr_size (void)
{
if (max_sockaddr_size == 0) {
- struct addr_operations *a;
+ size_t i;
- for(a = at; a < at + num_addrs; ++a)
- max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size);
+ for (i = 0; i < num_addrs; i++) {
+ max_sockaddr_size = max(max_sockaddr_size, at[i].max_sockaddr_size);
+ }
}
return max_sockaddr_size;
}
--
2.16.2
>From 04247d28c619123157ff6da4966ac6b847778579 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 17:46:30 +0100
Subject: [PATCH 11/13] s4:torture: Fix size types in torture_create_procs()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source4/torture/util_smb.c | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/source4/torture/util_smb.c b/source4/torture/util_smb.c
index fcbdc7a86ed..5ca816f7cde 100644
--- a/source4/torture/util_smb.c
+++ b/source4/torture/util_smb.c
@@ -593,11 +593,12 @@ double torture_create_procs(struct torture_context *tctx,
bool (*fn)(struct torture_context *, struct smbcli_state *, int),
bool *result)
{
- int i, status;
+ int status;
+ size_t i;
struct child_status *child_status;
- int synccount;
- int tries = 8;
- int torture_nprocs = torture_setting_int(tctx, "nprocs", 4);
+ size_t synccount;
+ size_t tries = 8;
+ size_t torture_nprocs = torture_setting_int(tctx, "nprocs", 4);
double start_time_limit = 10 + (torture_nprocs * 1.5);
struct timeval tv;
@@ -629,7 +630,7 @@ double torture_create_procs(struct torture_context *tctx,
pid_t mypid = getpid();
srandom(((int)mypid) ^ ((int)time(NULL)));
- if (asprintf(&myname, "CLIENT%d", i) == -1) {
+ if (asprintf(&myname, "CLIENT%zu", i) == -1) {
printf("asprintf failed\n");
return -1;
}
@@ -654,7 +655,7 @@ double torture_create_procs(struct torture_context *tctx,
if (!child_status[i].start) {
child_status[i].result = TORTURE_ERROR;
- printf("Child %d failed to start!\n", i);
+ printf("Child %zu failed to start!\n", i);
_exit(1);
}
@@ -671,14 +672,14 @@ double torture_create_procs(struct torture_context *tctx,
if (strlen(tctx->last_reason) > 1023) {
/* note: reason already contains \n */
torture_comment(tctx,
- "child %d (pid %u) failed: %s",
+ "child %zu (pid %u) failed: %s",
i,
(unsigned)child_status[i].pid,
tctx->last_reason);
}
snprintf(child_status[i].reason,
- 1024, "child %d (pid %u) failed: %s",
+ 1024, "child %zu (pid %u) failed: %s",
i, (unsigned)child_status[i].pid,
tctx->last_reason);
/* ensure proper "\n\0" termination: */
@@ -705,7 +706,7 @@ double torture_create_procs(struct torture_context *tctx,
} while (timeval_elapsed(&tv) < start_time_limit);
if (synccount != torture_nprocs) {
- printf("FAILED TO START %d CLIENTS (started %d)\n", torture_nprocs, synccount);
+ printf("FAILED TO START %zu CLIENTS (started %zu)\n", torture_nprocs, synccount);
/* cleanup child processes */
for (i = 0; i < torture_nprocs; i++) {
@@ -718,7 +719,7 @@ double torture_create_procs(struct torture_context *tctx,
return timeval_elapsed(&tv);
}
- printf("Starting %d clients\n", torture_nprocs);
+ printf("Starting %zu clients\n", torture_nprocs);
/* start the client load */
tv = timeval_current();
@@ -726,7 +727,7 @@ double torture_create_procs(struct torture_context *tctx,
child_status[i].start = true;
}
- printf("%d clients started\n", torture_nprocs);
+ printf("%zu clients started\n", torture_nprocs);
kill(0, SIGCONT);
--
2.16.2
>From ad33e75d61b08b66c9aeff2e9cdfb8b25566777a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 16:25:30 +0100
Subject: [PATCH 12/13] WIP ldb: Fix overflow checks
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
lib/ldb/common/qsort.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/ldb/common/qsort.c b/lib/ldb/common/qsort.c
index 1a0b886b8c2..a3ada3e864b 100644
--- a/lib/ldb/common/qsort.c
+++ b/lib/ldb/common/qsort.c
@@ -59,9 +59,8 @@ typedef struct
#define CHAR_BIT 8
#endif
#define STACK_SIZE (CHAR_BIT * sizeof(size_t))
-#define PUSH(low, high) ((void) ((top->lo = (low)), (top->hi = (high)), ++top))
-#define POP(low, high) ((void) (--top, (low = top->lo), (high = top->hi)))
-#define STACK_NOT_EMPTY (stack < top)
+#define PUSH(low, high) ((void) ((top->lo = (low)), (top->hi = (high)), top = &stack[++i]))
+#define POP(low, high) ((void) (top = &stack[--i], (low = top->lo), (high = top->hi)))
/* Order size using quicksort. This implementation incorporates
@@ -105,10 +104,11 @@ void ldb_qsort (void *const pbase, size_t total_elems, size_t size,
char *hi = &lo[size * (total_elems - 1)];
stack_node stack[STACK_SIZE];
stack_node *top = stack;
+ size_t i = 0;
PUSH (NULL, NULL);
- while (STACK_NOT_EMPTY)
+ while (i < STACK_SIZE)
{
char *left_ptr;
char *right_ptr;
--
2.16.2
>From 50b9567172daf70b157faca62b38ba89e7d35ccb Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 7 Dec 2017 15:27:44 +0100
Subject: [PATCH 13/13] wafsamba: Add '-Werror=strict-overflow
-Wstrict-overflow=2' to the developer build
We could move it to 3, but shouldn't go higher. If you set it to 4 and 5
youl will probably also get a lot of false positives.
Signed-off-by: Andreas Schneider <asn at samba.org>
---
buildtools/wafsamba/samba_autoconf.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index 35f4f36f61c..bdd7c8bd195 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -713,6 +713,8 @@ def SAMBA_CONFIG_H(conf, path=None):
testflags=True)
conf.ADD_CFLAGS('-Wimplicit-fallthrough',
testflags=True)
+ conf.ADD_CFLAGS('-Werror=strict-overflow -Wstrict-overflow=2',
+ testflags=True)
conf.ADD_CFLAGS('-Wformat=2 -Wno-format-y2k', testflags=True)
conf.ADD_CFLAGS('-Wno-format-zero-length', testflags=True)
--
2.16.2
More information about the samba-technical
mailing list