Buffer size warning from a compiler in string functions

Description

Hey,

There are some warning from a compiler and they make me worried. A warning about a possible overflow when doing memcpy() in string handling functions never looks safe.

[100%] Building C object src/CMakeFiles/bro.dir/nb_dns.c.o
In file included from /usr/include/string.h:494:0,
from /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:12705:
In function ‘memcpy’,
inlined from ‘vdbePmaReadBlob.part.172’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:88351:5,
inlined from ‘vdbePmaReadBlob’,
inlined from ‘vdbePmaReadVarint.part.173’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:88394:12,
inlined from ‘vdbePmaReadVarint’,
inlined from ‘vdbePmaReaderInit.constprop’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:88542:8,
inlined from ‘vdbeMergeEngineLevel0’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:90110:8,
inlined from ‘vdbeSorterMergeTreeBuild’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:90245:14,
inlined from ‘vdbeSorterSetupMerge’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:90298:6,
inlined from ‘sqlite3VdbeSorterRewind.isra.333’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:90404:8,
inlined from ‘sqlite3VdbeExec’ at /home/clear/rpmbuild/BUILD/bro-2.5.9271b2032/src/3rdparty/sqlite3.c:84972:8:
/usr/include/bits/string_fortified.h:34:10: warning: ‘__builtin_memcpy’: specified size between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
return _builtin_memcpy_chk (_dest, __src, __len, _bos0 (_dest));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[100%] Linking CXX executable bro

Environment

None

Activity

Show:
Jon Siwek
April 11, 2018, 1:35 AM

Bro just uses the SQLite amalgamation code from sqlite.org and it looks like that's what the warning is pointing at. In Bro's master branch, I've updated SQLite from 3.22.0 to 3.23.0. If that doesn't fix the warning, then try actually isolating the problem to just the SQLite code and report it to them (or respond in this ticket again if you find I've misjudged the source of the warning).

Fixed

Assignee

Unassigned

Reporter

Michał Purzyński

Labels

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

High