Message ID | pull.1294.git.1658256354725.gitgitgadget@gmail.com (mailing list archive) |
---|---|
State | Accepted |
Commit | b4f52f09ae712e1a813375712b6e58be49255cd0 |
Headers | show |
Series | compat/win32: correct for incorrect compiler warning | expand |
On Tue, Jul 19, 2022 at 2:48 PM Derrick Stolee via GitGitGadget <gitgitgadget@gmail.com> wrote: > The 'win build' job of our CI build is failing with the following error: > > compat/win32/syslog.c: In function 'syslog': > compat/win32/syslog.c:53:17: error: pointer 'pos' may be used after \ > 'realloc' [-Werror=use-after-free] > 53 | memmove(pos + 2, pos + 1, strlen(pos)); > CC compat/poll/poll.o > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > compat/win32/syslog.c:47:23: note: call to 'realloc' here > 47 | str = realloc(str, st_add(++str_len, 1)); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Removing the unrelated "CC compat/poll/poll.o" line would help make this output less confusing. > However, between this realloc() and the use we have a line that resets > the value of 'pos'. Thus, this error is incorrect. It is likely due to a > new version of the compiler on the CI machines. > > Instead of waiting for a new compiler, create a new variable to avoid > this error. If possible, it is a good idea to mention the actual compiler version in the commit message as an aid to future readers who might want to know if this sort of workaround is still needed. > Signed-off-by: Derrick Stolee <derrickstolee@github.com>
On 7/19/2022 3:48 PM, Eric Sunshine wrote: > On Tue, Jul 19, 2022 at 2:48 PM Derrick Stolee via GitGitGadget > <gitgitgadget@gmail.com> wrote: >> The 'win build' job of our CI build is failing with the following error: >> >> compat/win32/syslog.c: In function 'syslog': >> compat/win32/syslog.c:53:17: error: pointer 'pos' may be used after \ >> 'realloc' [-Werror=use-after-free] >> 53 | memmove(pos + 2, pos + 1, strlen(pos)); >> CC compat/poll/poll.o >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> compat/win32/syslog.c:47:23: note: call to 'realloc' here >> 47 | str = realloc(str, st_add(++str_len, 1)); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Removing the unrelated "CC compat/poll/poll.o" line would help make > this output less confusing. Yes, sorry. It's output from the parallel build that I should have noticed. >> However, between this realloc() and the use we have a line that resets >> the value of 'pos'. Thus, this error is incorrect. It is likely due to a >> new version of the compiler on the CI machines. >> >> Instead of waiting for a new compiler, create a new variable to avoid >> this error. > > If possible, it is a good idea to mention the actual compiler version > in the commit message as an aid to future readers who might want to > know if this sort of workaround is still needed. I wish I knew. I can only guess that it's a new GCC version on the Windows agents for GitHub Actions, but I don't know exactly which one. Thanks, -Stolee
"Derrick Stolee via GitGitGadget" <gitgitgadget@gmail.com> writes: > diff --git a/compat/win32/syslog.c b/compat/win32/syslog.c > index 1f8d8934cc9..0af18d88825 100644 > --- a/compat/win32/syslog.c > +++ b/compat/win32/syslog.c > @@ -44,6 +44,7 @@ void syslog(int priority, const char *fmt, ...) > > while ((pos = strstr(str, "%1")) != NULL) { > size_t offset = pos - str; > + char *new_pos; > char *oldstr = str; > str = realloc(str, st_add(++str_len, 1)); > if (!str) { > @@ -51,9 +52,9 @@ void syslog(int priority, const char *fmt, ...) > warning_errno("realloc failed"); > return; > } > - pos = str + offset; > - memmove(pos + 2, pos + 1, strlen(pos)); > - pos[1] = ' '; > + new_pos = str + offset; > + memmove(new_pos + 2, new_pos + 1, strlen(new_pos)); > + new_pos[1] = ' '; > } Heh, after this sequence pos = strstr(str, ...); str = realloc(str, ...); pos = str + something; the compiler warns about use of pos[] as if resetting of pos based on the new value of str[] did not even exist? Discovering a working work-around must have been a pain. If I were writing this, I'd probably * avoid re-scanning "str" from the beginning in every iteration; * possibly avoid reallocating for %1 by first scanning and counting the problematic "%1"; * also possibly give a deeper thought to see if "%1" -> "% 1" is necessary. We are munging the original string anyway---in the output that has "% 1", you cannot tell if the original was "%1" that was munged by this code, or it was "% 1" from the beginning. In other words, we are already willing to lose information. Perhaps we can find a different replacement sequence that is still 2-byte-wide and that is unlikely to appear in the original, eliminating the need for reallocation altogether? But none of that is a problem with this patch. Will queue. Thanks.
Hi Stolee > diff --git a/compat/win32/syslog.c b/compat/win32/syslog.c > index 1f8d8934cc9..0af18d88825 100644 > --- a/compat/win32/syslog.c > +++ b/compat/win32/syslog.c > @@ -44,6 +44,7 @@ void syslog(int priority, const char *fmt, ...) > > while ((pos = strstr(str, "%1")) != NULL) { > size_t offset = pos - str; > + char *new_pos; > char *oldstr = str; > str = realloc(str, st_add(++str_len, 1)); Not related to your patch but this context line looks suspicious as str_len is incremented without checking for overflow. I did wonder if it should be using a post increment instead and was using the st_add() to check if that overflowed but str_len is an int so we'd still have undefined behavior. Best Wishes Phillip
diff --git a/compat/win32/syslog.c b/compat/win32/syslog.c index 1f8d8934cc9..0af18d88825 100644 --- a/compat/win32/syslog.c +++ b/compat/win32/syslog.c @@ -44,6 +44,7 @@ void syslog(int priority, const char *fmt, ...) while ((pos = strstr(str, "%1")) != NULL) { size_t offset = pos - str; + char *new_pos; char *oldstr = str; str = realloc(str, st_add(++str_len, 1)); if (!str) { @@ -51,9 +52,9 @@ void syslog(int priority, const char *fmt, ...) warning_errno("realloc failed"); return; } - pos = str + offset; - memmove(pos + 2, pos + 1, strlen(pos)); - pos[1] = ' '; + new_pos = str + offset; + memmove(new_pos + 2, new_pos + 1, strlen(new_pos)); + new_pos[1] = ' '; } switch (priority) {