[PATCH] Enforce strict overflow checking

Andreas Schneider asn at samba.org
Thu Mar 22 20:48:00 UTC 2018


On Wednesday, 21 March 2018 18:26:04 CET Jeremy Allison via samba-technical 
wrote:
> Andreas, I think you're going to have to work this
> through on sn-devel first if it's going to go
> through.
> 
> I've re-pushed without the final patch that
> turns on '-Werror=strict-overflow -Wstrict-overflow=2'.

I'm still working on this and the gcc on sn-devel is much more picky than my 
gcc.

I'm attaching the latest patchset, which still does not fully pass autobuild. 
The current issue is the ancient getdate.y/getdate.c for vfs_readonly. I 
wondered if running flex getdate.y would maybe produce an up-to-date version 
that is more compiler-friendly, but I have no clue how this stuff really works.

Alexander?


However I've fixed the ldb_qsort issue and wrote a test for it.


Cheers,


	Andreas

-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org
-------------- next part --------------
>From 1711c76776f9674c912b48c1f766106475b52bbd Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 09:53:03 +0100
Subject: [PATCH 01/17] ldb: Add test for ldb_qsort()

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 lib/ldb/tests/test_ldb_qsort.c | 65 ++++++++++++++++++++++++++++++++++++++++++
 lib/ldb/wscript                |  5 ++++
 2 files changed, 70 insertions(+)
 create mode 100644 lib/ldb/tests/test_ldb_qsort.c

diff --git a/lib/ldb/tests/test_ldb_qsort.c b/lib/ldb/tests/test_ldb_qsort.c
new file mode 100644
index 00000000000..b72dc865b30
--- /dev/null
+++ b/lib/ldb/tests/test_ldb_qsort.c
@@ -0,0 +1,65 @@
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * Copyright (C) 2018      Andreas Schneider <asn at samba.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+#include <ldb.h>
+
+static int cmp_integer(int *a, int *b, void *opaque)
+{
+	if (a == NULL || b == NULL) {
+		return 0;
+	}
+
+	if (*a > *b) {
+		return 1;
+	}
+
+	if (*a < *b) {
+		return -1;
+	}
+
+	return 0;
+}
+
+static void test_ldb_qsort(void **state)
+{
+	int a[6] = { 6, 3, 2, 7, 9, 4 };
+
+	ldb_qsort(a, 6, sizeof(int), NULL, (ldb_qsort_cmp_fn_t)cmp_integer);
+
+	assert_int_equal(a[0], 2);
+	assert_int_equal(a[1], 3);
+	assert_int_equal(a[2], 4);
+	assert_int_equal(a[3], 6);
+	assert_int_equal(a[4], 7);
+	assert_int_equal(a[5], 9);
+}
+
+int main(void) {
+	const struct CMUnitTest tests[] = {
+		cmocka_unit_test(test_ldb_qsort),
+	};
+
+	cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
+	return cmocka_run_group_tests(tests, NULL, NULL);
+}
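Review bot: test_ldb_qsort() sorts one six-element array of distinct values, which is unlikely to drive the explicit partition stack in ldb_qsort() that the next patch in this series rewrites (inferred; the threshold below which partitions are left to the final pass is not visible here). A second case with a few hundred elements, including duplicates and already-sorted input, plus `total_elems` of 0 and 1, would cover PUSH/POP and the boundaries. Separately, calling `cmp_integer` through the `(ldb_qsort_cmp_fn_t)` cast is only well defined if the typedef's parameter types really are `int *`; declaring the comparator with the typedef's own parameter types and converting inside it removes the need for the cast.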
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 1455f92eb2e..42d46b7899e 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -358,6 +358,11 @@ def build(bld):
                          deps='cmocka ldb',
                          install=False)
 
+        bld.SAMBA_BINARY('test_ldb_qsort',
+                         source='tests/test_ldb_qsort.c',
+                         deps='cmocka ldb',
+                         install=False)
+
 def test(ctx):
     '''run ldb testsuite'''
     import Utils, samba_utils, shutil
-- 
2.16.2


>From b2788a113990758db14b110b3a92520904755720 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 16:25:30 +0100
Subject: [PATCH 02/17] ldb: Fix overflow checks

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 lib/ldb/common/qsort.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/ldb/common/qsort.c b/lib/ldb/common/qsort.c
index 1a0b886b8c2..012aaf3c403 100644
--- a/lib/ldb/common/qsort.c
+++ b/lib/ldb/common/qsort.c
@@ -59,9 +59,8 @@ typedef struct
 #define CHAR_BIT 8
 #endif
 #define STACK_SIZE	(CHAR_BIT * sizeof(size_t))
-#define PUSH(low, high)	((void) ((top->lo = (low)), (top->hi = (high)), ++top))
-#define	POP(low, high)	((void) (--top, (low = top->lo), (high = top->hi)))
-#define	STACK_NOT_EMPTY	(stack < top)
+#define PUSH(low, high) ((void) ((stack[i].lo = (low)), (stack[i].hi = (high)), i++))
+#define POP(low, high)  ((void) (i--, (low = stack[i].lo), (high = stack[i].hi)))
 
 
 /* Order size using quicksort.  This implementation incorporates
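Review bot: PUSH and POP now read and modify a caller-scope variable with the generic name `i`, so any later use of `i` as an ordinary loop counter inside ldb_qsort() would silently corrupt the stack depth. A descriptive name such as `stack_depth`, plus a one-line comment above the macros such as `/* PUSH/POP use the locals 'stack' and 'stack_depth' of the calling function */`, keeps that coupling visible. STACK_NOT_EMPTY is removed here and its test is inlined into the loop condition in the last hunk of this file.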
@@ -104,11 +103,11 @@ void ldb_qsort (void *const pbase, size_t total_elems, size_t size,
       char *lo = base_ptr;
       char *hi = &lo[size * (total_elems - 1)];
       stack_node stack[STACK_SIZE];
-      stack_node *top = stack;
+      size_t i = 0;
 
       PUSH (NULL, NULL);
 
-      while (STACK_NOT_EMPTY)
+      do
         {
           char *left_ptr;
           char *right_ptr;
@@ -194,6 +193,7 @@ void ldb_qsort (void *const pbase, size_t total_elems, size_t size,
               hi = right_ptr;
             }
         }
+      while (i > 0 && i < STACK_SIZE);
     }
 
   /* Once the BASE_PTR array is partially sorted by quicksort the rest
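Review bot: The `i < STACK_SIZE` half of the new loop condition ends the partitioning loop silently if the stack ever fills, instead of failing loudly. As far as the visible lines show, PUSH has by then written at most `stack[STACK_SIZE - 1]`, so nothing is written out of bounds, but the array is left only partly partitioned and the pass that follows (outside this hunk; its comment says it relies on the array being partially sorted by quicksort) would run on input it does not expect. If the bound exists only to satisfy the compiler, `while (i > 0);` together with an explicit failure on `i >= STACK_SIZE` at the PUSH site states the invariant instead of hiding a violation. ldb_qsort() starts and ends outside this hunk.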
-- 
2.16.2


>From 98bf9fb6427d415fac5297c23ca9009ee1032c5a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 14:32:49 +0100
Subject: [PATCH 03/17] third_party: Fix size type in cmocka

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 third_party/cmocka/cmocka.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/third_party/cmocka/cmocka.c b/third_party/cmocka/cmocka.c
index 14b2765b781..a5115c7cb5e 100644
--- a/third_party/cmocka/cmocka.c
+++ b/third_party/cmocka/cmocka.c
@@ -244,8 +244,8 @@ static void free_symbol_map_value(
 static void remove_always_return_values(ListNode * const map_head,
                                         const size_t number_of_symbol_names);
 
-static int check_for_leftover_values_list(const ListNode * head,
-    const char * const error_message);
+static size_t check_for_leftover_values_list(const ListNode * head,
+                                             const char * const error_message);
 
 static int check_for_leftover_values(
     const ListNode * const map_head, const char * const error_message,
@@ -811,11 +811,11 @@ static void remove_always_return_values(ListNode * const map_head,
     }
 }
 
-static int check_for_leftover_values_list(const ListNode * head,
-                                          const char * const error_message)
+static size_t check_for_leftover_values_list(const ListNode * head,
+                                             const char * const error_message)
 {
     ListNode *child_node;
-    int leftover_count = 0;
+    size_t leftover_count = 0;
     if (!list_empty(head))
     {
         for (child_node = head->next; child_node != head;
@@ -1952,10 +1952,10 @@ static const ListNode* check_point_allocated_blocks(void) {
 
 /* Display the blocks allocated after the specified check point.  This
  * function returns the number of blocks displayed. */
-static int display_allocated_blocks(const ListNode * const check_point) {
+static size_t display_allocated_blocks(const ListNode * const check_point) {
     const ListNode * const head = get_allocated_blocks_list();
     const ListNode *node;
-    int allocated_blocks = 0;
+    size_t allocated_blocks = 0;
     assert_non_null(check_point);
     assert_non_null(check_point->next);
 
@@ -1964,14 +1964,14 @@ static int display_allocated_blocks(const ListNode * const check_point) {
             (const MallocBlockInfo*)node->value;
         assert_non_null(block_info);
 
-        if (!allocated_blocks) {
+        if (allocated_blocks == 0) {
             cm_print_error("Blocks allocated...\n");
         }
         cm_print_error(SOURCE_LOCATION_FORMAT ": note: block %p allocated here\n",
                        block_info->location.file,
                        block_info->location.line,
                        block_info->block);
-        allocated_blocks ++;
+        allocated_blocks++;
     }
     return allocated_blocks;
 }
@@ -1997,10 +1997,10 @@ static void free_allocated_blocks(const ListNode * const check_point) {
 /* Fail if any any blocks are allocated after the specified check point. */
 static void fail_if_blocks_allocated(const ListNode * const check_point,
                                      const char * const test_name) {
-    const int allocated_blocks = display_allocated_blocks(check_point);
-    if (allocated_blocks) {
+    const size_t allocated_blocks = display_allocated_blocks(check_point);
+    if (allocated_blocks > 0) {
         free_allocated_blocks(check_point);
-        cm_print_error("ERROR: %s leaked %d block(s)\n", test_name,
+        cm_print_error("ERROR: %s leaked %zu block(s)\n", test_name,
                        allocated_blocks);
         exit_test(1);
     }
-- 
2.16.2


>From 5af297e85825f94f5bc6087161150511a440fabd Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 17:19:39 +0100
Subject: [PATCH 04/17] third_party: Fix overflow checking in pam_wrapper

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 third_party/pam_wrapper/pam_wrapper.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/third_party/pam_wrapper/pam_wrapper.c b/third_party/pam_wrapper/pam_wrapper.c
index 482b38841a3..36d0aa6a679 100644
--- a/third_party/pam_wrapper/pam_wrapper.c
+++ b/third_party/pam_wrapper/pam_wrapper.c
@@ -567,7 +567,6 @@ static int p_copy(const char *src, const char *dst, const char *pdir, mode_t mod
 	}
 
 	for (;;) {
-		char *p;
 		bread = read(srcfd, buf, BUFFER_SIZE);
 		if (bread == 0) {
 			/* done */
@@ -580,16 +579,21 @@ static int p_copy(const char *src, const char *dst, const char *pdir, mode_t mod
 
 		/* EXTRA UGLY HACK */
 		if (pdir != NULL) {
-			p = buf;
+			size_t i;
+
+			for (i = 0; i < BUFFER_SIZE; i++) {
+				if (buf[i] == '/') {
+					char *p = &buf[i];
+
+					if (i + 10 > BUFFER_SIZE) {
+						break;
+					}
 
-			while (p < buf + BUFFER_SIZE) {
-				if (*p == '/') {
 					cmp = memcmp(p, "/etc/pam.d", 10);
 					if (cmp == 0) {
 						memcpy(p, pdir, 10);
 					}
 				}
-				p++;
 			}
 		}
 
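Review bot: The new scan loop and its `i + 10 > BUFFER_SIZE` guard are bounded by the buffer capacity rather than by `bread`, so after a short read the bytes between `bread` and `BUFFER_SIZE` are still compared and possibly rewritten although they were not read in this iteration (what is later written out is outside the hunk). Bounding both by the read length, `for (i = 0; i < (size_t)bread; i++)` and `if (i + 10 > (size_t)bread) break;`, keeps the rewrite inside valid data; the sign check on `bread` sits between the two hunks and should be confirmed to precede this block. `memcpy(p, pdir, 10)` also assumes `pdir` holds at least ten bytes, which deserves a comment or a length check where `pdir` is built. The file lives under third_party/, so the change presumably needs to go upstream as well.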
-- 
2.16.2


>From 48dfccd87c69d759f4d46d15e24117f77799103f Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 12:49:38 +0100
Subject: [PATCH 05/17] lib:util: Fix size types in fgets_slash()

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 lib/util/samba_util.h | 2 +-
 lib/util/util_file.c  | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h
index b78252316c8..7b96a595d43 100644
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -352,7 +352,7 @@ const char **str_list_make_v3_const(TALLOC_CTX *mem_ctx,
  */
 _PUBLIC_ char *afdgets(int fd, TALLOC_CTX *mem_ctx, size_t hint);
 
-char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, int maxlen, FILE *f);
+char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, size_t maxlen, FILE *f);
 
 /**
 load a file into memory from a fd.
diff --git a/lib/util/util_file.c b/lib/util/util_file.c
index 499e8c46693..bf2f3e1a27f 100644
--- a/lib/util/util_file.c
+++ b/lib/util/util_file.c
@@ -79,10 +79,10 @@ _PUBLIC_ char *afdgets(int fd, TALLOC_CTX *mem_ctx, size_t hint)
 	return data;
 }
 
-char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, int maxlen, FILE *f)
+char *fgets_slash(TALLOC_CTX *mem_ctx, char *s2, size_t maxlen, FILE *f)
 {
 	char *s = s2;
-	int len = 0;
+	size_t len = 0;
 	int c;
 	bool start_of_line = true;
 
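Review bot: Making `maxlen` and `len` unsigned changes the meaning of every subtraction and comparison on them in the body of fgets_slash(), which lies outside this hunk. Any expression of the form `maxlen - k` now wraps to a very large value for a small `maxlen` instead of going negative, and a caller that passes a negative length is no longer caught by a signed comparison; either can turn a bounds check into a no-op. Please audit those expressions and record the contract next to the prototype, for example `/* maxlen: size of s2 in bytes, including the terminating NUL */`.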
-- 
2.16.2


>From c1ca25ed64970914cad362e26338cf09daa65d9d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 16:46:49 +0100
Subject: [PATCH 06/17] s4:registry: Fix size type and loop

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source4/lib/registry/tools/regshell.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/source4/lib/registry/tools/regshell.c b/source4/lib/registry/tools/regshell.c
index 5308d30e849..48251c33ea4 100644
--- a/source4/lib/registry/tools/regshell.c
+++ b/source4/lib/registry/tools/regshell.c
@@ -428,7 +428,7 @@ static char **reg_complete_command(const char *text, int start, int end)
 	/* Complete command */
 	char **matches;
 	size_t len, samelen=0;
-	int i, count=1;
+	size_t i, count = 1;
 
 	matches = malloc_array_p(char *, MAX_COMPLETIONS);
 	if (!matches) return NULL;
@@ -463,10 +463,8 @@ static char **reg_complete_command(const char *text, int start, int end)
 	return matches;
 
 cleanup:
-	count--;
-	while (count >= 0) {
-		free(matches[count]);
-		count--;
+	for (i = 0; i < count; i++) {
+		free(matches[i]);
 	}
 	free(matches);
 	return NULL;
-- 
2.16.2


>From 3f8175595b63b8b5de97b0e46c7becb6d89774b2 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 10:28:02 +0100
Subject: [PATCH 07/17] s4:client: Fix size types and loop

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source4/client/client.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/source4/client/client.c b/source4/client/client.c
index f73d9f99d20..0695bb25837 100644
--- a/source4/client/client.c
+++ b/source4/client/client.c
@@ -3053,7 +3053,7 @@ static char **completion_fn(const char *text, int start, int end)
 			return NULL;
 	} else {
 		char **matches;
-		int i, len, samelen = 0, count=1;
+		size_t i, len, samelen = 0, count=1;
 
 		matches = malloc_array_p(char *, MAX_COMPLETIONS);
 		if (!matches) return NULL;
@@ -3092,10 +3092,8 @@ static char **completion_fn(const char *text, int start, int end)
 		return matches;
 
 cleanup:
-		count--;
-		while (count >= 0) {
+		for (i = 0; i < count; i++) {
 			free(matches[count]);
-			count--;
 		}
 		free(matches);
 		return NULL;
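Review bot: The rewritten cleanup loop frees `matches[count]` on every iteration instead of `matches[i]`, so the same slot (one past the entries counted so far, judging by the loop bound) is passed to free() `count` times while the collected strings leak. The line should read `free(matches[i]);`, as the parallel loop in source4/lib/registry/tools/regshell.c in patch 06 does. completion_fn() starts and ends outside this hunk.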
-- 
2.16.2


>From 4dbf4e7099d1223e0a2a6a7fff12da557a1cc6a3 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 13:02:26 +0100
Subject: [PATCH 08/17] heimdal: Fix size types and array access

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 .../heimdal/lib/gssapi/mech/gss_set_cred_option.c  |  2 +-
 source4/heimdal/lib/krb5/addr_families.c           | 29 +++++++++++++---------
 2 files changed, 18 insertions(+), 13 deletions(-)

diff --git a/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c b/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c
index d33453d92fe..653565b856d 100644
--- a/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c
+++ b/source4/heimdal/lib/gssapi/mech/gss_set_cred_option.c
@@ -41,7 +41,7 @@ gss_set_cred_option (OM_uint32 *minor_status,
 	struct _gss_cred *cred = (struct _gss_cred *) *cred_handle;
 	OM_uint32	major_status = GSS_S_COMPLETE;
 	struct _gss_mechanism_cred *mc;
-	int one_ok = 0;
+	OM_uint32 one_ok = 0;
 
 	*minor_status = 0;
 
diff --git a/source4/heimdal/lib/krb5/addr_families.c b/source4/heimdal/lib/krb5/addr_families.c
index 5d321a7e917..1f7b7266608 100644
--- a/source4/heimdal/lib/krb5/addr_families.c
+++ b/source4/heimdal/lib/krb5/addr_families.c
@@ -803,7 +803,7 @@ static struct addr_operations at[] = {
     }
 };
 
-static int num_addrs = sizeof(at) / sizeof(at[0]);
+static size_t num_addrs = sizeof(at) / sizeof(at[0]);
 
 static size_t max_sockaddr_size = 0;
 
@@ -814,22 +814,26 @@ static size_t max_sockaddr_size = 0;
 static struct addr_operations *
 find_af(int af)
 {
-    struct addr_operations *a;
+    size_t i;
 
-    for (a = at; a < at + num_addrs; ++a)
-	if (af == a->af)
-	    return a;
+    for (i = 0; i < num_addrs; i++) {
+	if (af == at[i].af) {
+		return &at[i];
+	}
+    }
     return NULL;
 }
 
 static struct addr_operations *
 find_atype(krb5_address_type atype)
 {
-    struct addr_operations *a;
+    size_t i;
 
-    for (a = at; a < at + num_addrs; ++a)
-	if (atype == a->atype)
-	    return a;
+    for (i = 0; i < num_addrs; i++) {
+	if (atype == at[i].atype) {
+		return &at[i];
+	}
+    }
     return NULL;
 }
 
@@ -949,10 +953,11 @@ KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL
 krb5_max_sockaddr_size (void)
 {
     if (max_sockaddr_size == 0) {
-	struct addr_operations *a;
+	size_t i;
 
-	for(a = at; a < at + num_addrs; ++a)
-	    max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size);
+	for (i = 0; i < num_addrs; i++) {
+	    max_sockaddr_size = max(max_sockaddr_size, at[i].max_sockaddr_size);
+	}
     }
     return max_sockaddr_size;
 }
-- 
2.16.2


>From 1d6301e40cd2d16c85704394cf02e6407d128759 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 21 Mar 2018 17:46:30 +0100
Subject: [PATCH 09/17] s4:torture: Fix size types in torture_create_procs()

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source4/torture/util_smb.c | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/source4/torture/util_smb.c b/source4/torture/util_smb.c
index fcbdc7a86ed..5ca816f7cde 100644
--- a/source4/torture/util_smb.c
+++ b/source4/torture/util_smb.c
@@ -593,11 +593,12 @@ double torture_create_procs(struct torture_context *tctx,
 	bool (*fn)(struct torture_context *, struct smbcli_state *, int),
 	bool *result)
 {
-	int i, status;
+	int status;
+	size_t i;
 	struct child_status *child_status;
-	int synccount;
-	int tries = 8;
-	int torture_nprocs = torture_setting_int(tctx, "nprocs", 4);
+	size_t synccount;
+	size_t tries = 8;
+	size_t torture_nprocs = torture_setting_int(tctx, "nprocs", 4);
 	double start_time_limit = 10 + (torture_nprocs * 1.5);
 	struct timeval tv;
 
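Review bot: `size_t torture_nprocs = torture_setting_int(tctx, "nprocs", 4);` converts a signed setting to unsigned with no range check, so a negative or mistyped `nprocs` becomes a huge count that then drives the loops and anything sized from it further down (outside this hunk). Read the setting into an `int` first and reject bad values before assigning, e.g. `int nprocs = torture_setting_int(tctx, "nprocs", 4);` followed by `if (nprocs < 1) { return -1; }`. The callback `fn` still takes an `int` index, so the `size_t i` is narrowed again at the call, and `tries` should be checked for any countdown in the body that relied on it going negative.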
@@ -629,7 +630,7 @@ double torture_create_procs(struct torture_context *tctx,
 			pid_t mypid = getpid();
 			srandom(((int)mypid) ^ ((int)time(NULL)));
 
-			if (asprintf(&myname, "CLIENT%d", i) == -1) {
+			if (asprintf(&myname, "CLIENT%zu", i) == -1) {
 				printf("asprintf failed\n");
 				return -1;
 			}
@@ -654,7 +655,7 @@ double torture_create_procs(struct torture_context *tctx,
 
 			if (!child_status[i].start) {
 				child_status[i].result = TORTURE_ERROR;
-				printf("Child %d failed to start!\n", i);
+				printf("Child %zu failed to start!\n", i);
 				_exit(1);
 			}
 
@@ -671,14 +672,14 @@ double torture_create_procs(struct torture_context *tctx,
 				if (strlen(tctx->last_reason) > 1023) {
 					/* note: reason already contains \n */
 					torture_comment(tctx,
-						"child %d (pid %u) failed: %s",
+						"child %zu (pid %u) failed: %s",
 						i,
 						(unsigned)child_status[i].pid,
 						tctx->last_reason);
 				}
 
 				snprintf(child_status[i].reason,
-					 1024, "child %d (pid %u) failed: %s",
+					 1024, "child %zu (pid %u) failed: %s",
 					 i, (unsigned)child_status[i].pid,
 					 tctx->last_reason);
 				/* ensure proper "\n\0" termination: */
@@ -705,7 +706,7 @@ double torture_create_procs(struct torture_context *tctx,
 	} while (timeval_elapsed(&tv) < start_time_limit);
 
 	if (synccount != torture_nprocs) {
-		printf("FAILED TO START %d CLIENTS (started %d)\n", torture_nprocs, synccount);
+		printf("FAILED TO START %zu CLIENTS (started %zu)\n", torture_nprocs, synccount);
 
 		/* cleanup child processes */
 		for (i = 0; i < torture_nprocs; i++) {
@@ -718,7 +719,7 @@ double torture_create_procs(struct torture_context *tctx,
 		return timeval_elapsed(&tv);
 	}
 
-	printf("Starting %d clients\n", torture_nprocs);
+	printf("Starting %zu clients\n", torture_nprocs);
 
 	/* start the client load */
 	tv = timeval_current();
@@ -726,7 +727,7 @@ double torture_create_procs(struct torture_context *tctx,
 		child_status[i].start = true;
 	}
 
-	printf("%d clients started\n", torture_nprocs);
+	printf("%zu clients started\n", torture_nprocs);
 
 	kill(0, SIGCONT);
 
-- 
2.16.2


>From ad392aa49ff787ec548136a7aee985d34a52deb1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 11:49:18 +0100
Subject: [PATCH 10/17] s3:smbd: Fix size types in reply_negprot()

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/smbd/negprot.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index a36822e1907..1acd8905d31 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -557,14 +557,15 @@ static const struct {
 
 void reply_negprot(struct smb_request *req)
 {
-	int choice= -1;
+	size_t choice = 0;
 	int chosen_level = -1;
+	bool choice_set = false;
 	int protocol;
 	const char *p;
 	int protocols = 0;
 	int num_cliprotos;
 	char **cliprotos;
-	int i;
+	size_t i;
 	size_t converted_size;
 	struct smbXsrv_connection *xconn = req->xconn;
 	struct smbd_server_connection *sconn = req->sconn;
@@ -733,14 +734,15 @@ void reply_negprot(struct smb_request *req)
 				if (strequal(cliprotos[i],supported_protocols[protocol].proto_name)) {
 					choice = i;
 					chosen_level = supported_protocols[protocol].protocol_level;
+					choice_set = true;
 				}
 				i++;
 			}
-		if(choice != -1)
+		if (choice_set)
 			break;
 	}
 
-	if (choice == -1) {
+	if (choice_set) {
 		bool ok;
 
 		DBG_NOTICE("No protocol supported !\n");
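Review bot: The failure test is inverted: `if (choice == -1)` became `if (choice_set)`, so the "No protocol supported" branch now runs when a dialect was matched, and a request with no matching dialect falls through to `supported_protocols[protocol].proto_reply_fn(req, choice)` in the next hunk with `choice` still 0 and `protocol` left at whatever the outer loop ended on. It should be `if (!choice_set) {`. This code handles the client's initial negotiate request, so a regression test that offers only unknown dialects is worth adding alongside the fix. `i` is now `size_t` while `num_cliprotos` stays `int`, so the loop comparison outside this hunk mixes signedness.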
@@ -760,7 +762,7 @@ void reply_negprot(struct smb_request *req)
 	supported_protocols[protocol].proto_reply_fn(req, choice);
 	DEBUG(3,("Selected protocol %s\n",supported_protocols[protocol].proto_name));
 
-	DEBUG( 5, ( "negprot index=%d\n", choice ) );
+	DBG_INFO("negprot index=%zu\n", choice);
 
 	/* We always have xconn->smb1.signing_state also for >= SMB2_02 */
 	signing_required = smb_signing_is_mandatory(xconn->smb1.signing_state);
-- 
2.16.2


>From 3c09134c4be071b7934a5c5b5549dd9aaea08d1d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 13:41:39 +0100
Subject: [PATCH 11/17] s3:printing: Fix size types

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/include/printing.h  |  2 +-
 source3/printing/printing.c | 27 +++++++++++++++++----------
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/source3/include/printing.h b/source3/include/printing.h
index 07b86786f34..6fb730119f5 100644
--- a/source3/include/printing.h
+++ b/source3/include/printing.h
@@ -63,7 +63,7 @@ enum {LPSTAT_OK, LPSTAT_STOPPED, LPSTAT_ERROR};
 
 typedef struct {
 	fstring message;
-	int qcount;
+	size_t qcount;
 	int status;
 }  print_status_struct;
 
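Review bot: Widening `qcount` to `size_t` changes the size and layout of `print_status_struct`, and the printing.c part of this patch ends at the comment `/* store the new queue status structure */` with a `STATUS/%s` key, which suggests the struct is written to the tdb as raw bytes (the store call itself is outside the visible hunks). If so, records written by an older binary, or by a build with a different `size_t` width, no longer match what get_queue_status() expects to read. Keeping `int qcount` in the stored struct and converting at the use sites avoids a format change. In printing.c, `snum` and `total_jobs` in `struct traverse_struct` also become unsigned while `total_jobs` is still stored with tdb_store_int32(); confirm that `snum` never carries -1 as a sentinel.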
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index e4bb1d84f69..d8124686302 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -991,7 +991,7 @@ static void print_unix_job(struct tevent_context *ev,
 
 struct traverse_struct {
 	print_queue_struct *queue;
-	int qcount, snum, maxcount, total_jobs;
+	size_t qcount, snum, maxcount, total_jobs;
 	const char *sharename;
 	time_t lpq_time;
 	const char *lprm_command;
@@ -1010,7 +1010,7 @@ static int traverse_fn_delete(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, void
 	struct traverse_struct *ts = (struct traverse_struct *)state;
 	struct printjob pjob;
 	uint32_t jobid;
-	int i = 0;
+	size_t i = 0;
 
 	if (  key.dsize != sizeof(jobid) )
 		return 0;
@@ -1408,7 +1408,7 @@ static void print_queue_update_internal(struct tevent_context *ev,
                                         struct printif *current_printif,
                                         char *lpq_command, char *lprm_command)
 {
-	int i, qcount;
+	size_t i, qcount;
 	print_queue_struct *queue = NULL;
 	print_status_struct status;
 	print_status_struct old_status;
@@ -1443,8 +1443,10 @@ static void print_queue_update_internal(struct tevent_context *ev,
 		current_printif->type,
 		lpq_command, &queue, &status);
 
-	DEBUG(3, ("print_queue_update_internal: %d job%s in queue for %s\n",
-		qcount, (qcount != 1) ?	"s" : "", sharename));
+	DBG_NOTICE("%zu job%s in queue for %s\n",
+		   qcount,
+		   (qcount != 1) ? "s" : "",
+		   sharename);
 
 	/* Sort the queue by submission time otherwise they are displayed
 	   in hash order. */
@@ -1519,15 +1521,20 @@ static void print_queue_update_internal(struct tevent_context *ev,
 	SAFE_FREE(tstruct.queue);
 	talloc_free(tmp_ctx);
 
-	DEBUG(10,("print_queue_update_internal: printer %s INFO/total_jobs = %d\n",
-				sharename, tstruct.total_jobs ));
+	DBG_DEBUG("printer %s INFO, total_jobs = %zu\n",
+		  sharename,
+		  tstruct.total_jobs);
 
 	tdb_store_int32(pdb->tdb, "INFO/total_jobs", tstruct.total_jobs);
 
 	get_queue_status(sharename, &old_status);
-	if (old_status.qcount != qcount)
-		DEBUG(10,("print_queue_update_internal: queue status change %d jobs -> %d jobs for printer %s\n",
-					old_status.qcount, qcount, sharename));
+	if (old_status.qcount != qcount) {
+		DBG_DEBUG("Queue status change %zu jobs -> %zu jobs "
+			  "for printer %s\n",
+			  old_status.qcount,
+			  qcount,
+			  sharename);
+	}
 
 	/* store the new queue status structure */
 	slprintf(keystr, sizeof(keystr)-1, "STATUS/%s", sharename);
-- 
2.16.2


>From 05091ebfe0e8c6792534311085580a327d03b058 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 14:06:34 +0100
Subject: [PATCH 12/17] s3:spoolss: Fix size types

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/rpc_server/spoolss/srv_spoolss_nt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index 2f42e6d4c39..9e492d5a396 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -5006,7 +5006,7 @@ static WERROR string_array_from_driver_info(TALLOC_CTX *mem_ctx,
 						  const char *arch,
 						  int version)
 {
-	int i;
+	size_t i;
 	size_t num_strings = 0;
 	const char **array = NULL;
 
-- 
2.16.2


>From 8fae3e59c89917714c438c096a31889046cba93a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 14:51:28 +0100
Subject: [PATCH 13/17] s3:client: Fix size types

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/client/client.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/source3/client/client.c b/source3/client/client.c
index 49d027ad4ac..23ed02d9cc0 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -186,16 +186,20 @@ static bool yesno(const char *p)
  number taken from the buffer. This may not equal the number written.
 ****************************************************************************/
 
-static int writefile(int f, char *b, int n)
+static ssize_t writefile(int f, char *b, size_t n)
 {
-	int i;
+	size_t i = 0;
+
+	if (n == 0) {
+		errno = EINVAL;
+		return -1;
+	}
 
 	if (!translation) {
 		return write(f,b,n);
 	}
 
-	i = 0;
-	while (i < n) {
+	do {
 		if (*b == '\r' && (i<(n-1)) && *(b+1) == '\n') {
 			b++;i++;
 		}
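Review bot: The added `n == 0` guard turns an empty write into an error (`errno = EINVAL; return -1;`), where the old `while (i < n)` loop returned 0 and the non-translating path simply called write() with a zero length. writefile_sink(), changed later in this patch, maps -1 to an NT error, so a zero-length chunk would now fail the transfer. Returning 0 keeps the do/while safe without changing behaviour: `if (n == 0) { return 0; }`. The function's header comment and the rest of the loop body lie outside this hunk.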
@@ -204,9 +208,9 @@ static int writefile(int f, char *b, int n)
 		}
 		b++;
 		i++;
-	}
+	} while (i < n);
 
-	return(i);
+	return (ssize_t)i;
 }
 
 /****************************************************************************
@@ -1092,7 +1096,10 @@ static int cmd_echo(void)
 static NTSTATUS writefile_sink(char *buf, size_t n, void *priv)
 {
 	int *pfd = (int *)priv;
-	if (writefile(*pfd, buf, n) == -1) {
+	ssize_t rc;
+
+	rc = writefile(*pfd, buf, n);
+	if (rc == -1) {
 		return map_nt_error_from_unix(errno);
 	}
 	return NT_STATUS_OK;
@@ -5954,7 +5961,7 @@ static char **completion_fn(const char *text, int start, int end)
 			return NULL;
 	} else {
 		char **matches;
-		int i, len, samelen = 0, count=1;
+		size_t i, len, samelen = 0, count=1;
 
 		matches = SMB_MALLOC_ARRAY(char *, MAX_COMPLETIONS);
 		if (!matches) {
-- 
2.16.2


>From cb69d82ba566a44dfc0a39b7c2def99dc710dd8d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 18:36:13 +0100
Subject: [PATCH 14/17] s3:torture: Fix size types in make_nonstd_fd()

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/torture/wbc_async.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source3/torture/wbc_async.c b/source3/torture/wbc_async.c
index 1a7495acad8..a9020ddcda5 100644
--- a/source3/torture/wbc_async.c
+++ b/source3/torture/wbc_async.c
@@ -98,10 +98,10 @@ struct wb_context {
 
 static int make_nonstd_fd(int fd)
 {
-	int i;
+	size_t i;
 	int sys_errno = 0;
 	int fds[3];
-	int num_fds = 0;
+	size_t num_fds = 0;
 
 	if (fd == -1) {
 		return -1;
-- 
2.16.2


>From 5cbc49a5be60ea139a64227bcfa525f0661c9cff Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 19:23:22 +0100
Subject: [PATCH 15/17] s3:modules: Fix array access in getdate.y

This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/modules/getdate.c | 8 ++++----
 source3/modules/getdate.y | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/source3/modules/getdate.c b/source3/modules/getdate.c
index 7a5d68ee6a3..37b3ed5881c 100644
--- a/source3/modules/getdate.c
+++ b/source3/modules/getdate.c
@@ -2531,18 +2531,18 @@ yylex (YYSTYPE *lvalp, parser_control *pc)
       if (ISALPHA (c))
 	{
 	  char buff[20];
-	  char *p = buff;
+	  size_t i = 0;
 	  table const *tp;
 
 	  do
 	    {
-	      if (p < buff + sizeof buff - 1)
-		*p++ = c;
+	      if (i < 20)
+		buff[i++] = c;
 	      c = *++pc->input;
 	    }
 	  while (ISALPHA (c) || c == '.');
 
-	  *p = '\0';
+	  buff[i] = '\0';
 	  tp = lookup_word (pc, buff);
 	  if (! tp)
 	    return '?';
diff --git a/source3/modules/getdate.y b/source3/modules/getdate.y
index 2e49f15b87f..f1b5b44c495 100644
--- a/source3/modules/getdate.y
+++ b/source3/modules/getdate.y
@@ -829,18 +829,18 @@ yylex (YYSTYPE *lvalp, parser_control *pc)
       if (ISALPHA (c))
 	{
 	  char buff[20];
-	  char *p = buff;
+	  size_t i = 0;
 	  table const *tp;
 
 	  do
 	    {
-	      if (p < buff + sizeof buff - 1)
-		*p++ = c;
+	      if (i < 20)
+		buff[i++] = c;
 	      c = *++pc->input;
 	    }
 	  while (ISALPHA (c) || c == '.');
 
-	  *p = '\0';
+	  buff[i] = '\0';
 	  tp = lookup_word (pc, buff);
 	  if (! tp)
 	    return '?';
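Review bot: The new bound `if (i < 20)` lets `i` reach 20, so the terminator write `buff[i] = '\0';` lands one byte past `char buff[20]` for any alphabetic token of 20 or more characters; the replaced test `p < buff + sizeof buff - 1` stopped at index 19. Use `if (i < sizeof(buff) - 1)` so the limit tracks the array size and leaves room for the NUL. The same lines appear in the source3/modules/getdate.c hunk earlier in this patch, which should be regenerated or fixed identically.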
-- 
2.16.2


>From e7e3ce59f2d25b60c8b67a6afdb6fcb45b76305a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 7 Dec 2017 15:27:44 +0100
Subject: [PATCH 16/17] wafsamba: Add '-Werror=strict-overflow
 -Wstrict-overflow=2' to the developer build

We could move it to 3, but shouldn't go higher. If you set it to 4 and 5
you will probably also get a lot of false positives.

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 buildtools/wafsamba/samba_autoconf.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index 35f4f36f61c..bdd7c8bd195 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -713,6 +713,8 @@ def SAMBA_CONFIG_H(conf, path=None):
                         testflags=True)
         conf.ADD_CFLAGS('-Wimplicit-fallthrough',
                         testflags=True)
+        conf.ADD_CFLAGS('-Werror=strict-overflow -Wstrict-overflow=2',
+                        testflags=True)
 
         conf.ADD_CFLAGS('-Wformat=2 -Wno-format-y2k', testflags=True)
         conf.ADD_CFLAGS('-Wno-format-zero-length', testflags=True)
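Review bot: The added flags carry no comment explaining why level 2 was chosen, and the reasoning in the commit message will not be visible to someone editing this list later. A short comment above the call, e.g. `# -Wstrict-overflow: 2 is deliberate; levels 4 and 5 give many false positives`, would record that. Because these diagnostics depend on what the optimiser does, promoting them to errors means the set of failing files can differ between compiler versions and optimisation levels, as the cover letter already reports for sn-devel; naming the compiler the series was validated with would help.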
-- 
2.16.2


>From e70d311a81168a3d4cb4e9340c70ba039f2f6241 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Thu, 22 Mar 2018 21:39:11 +0100
Subject: [PATCH 17/17] FOO

---
 source3/modules/getdate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/modules/getdate.c b/source3/modules/getdate.c
index 37b3ed5881c..b2f618a15ab 100644
--- a/source3/modules/getdate.c
+++ b/source3/modules/getdate.c
@@ -1396,7 +1396,7 @@ int yynerrs;
  yysetstate:
   *yyssp = yystate;
 
-  if (yyss + yystacksize - 1 <= yyssp)
+  if (yyss + yystacksize - 1 <= yyssp) /* ARGL */
     {
       /* Get the current used size of the three stacks, in elements.  */
       YYSIZE_T yysize = yyssp - yyss + 1;
-- 
2.16.2


