-D_FORTIFY_SOURCE discards qualifier overrides in {mem,str}cpy
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GLibC |
Invalid
|
Medium
|
|||
gcc |
Invalid
|
Medium
|
|||
glibc (Ubuntu) |
Fix Released
|
Undecided
|
Kees Cook |
Bug Description
Binary package hint: gcc-4.2
The following source, without the "(void*)" overrides, will throw an warning (as expected), when compiled with -Wall:
$ gcc -o memcpy-fortify -Wall memcpy-fortify.c
memcpy-fortify.c: In function 'main':
memcpy-
memcpy-
With "(void*)" it is (as expected) silent. With -O2, it is silent, but with -D_FORTIFY_SOURCE != 0, the qualifier override is ignored:
$ gcc -o memcpy-fortify -Wall -O2 -D_FORTIFY_SOURCE=2 memcpy-fortify.c
memcpy-fortify.c: In function 'main':
memcpy-
memcpy-
This will cause problems for builds that run with -Werror.
/*
* gcc -o memcpy-fortify -Wall -Werror -O2 -D_FORTIFY_SOURCE=2 memcpy-fortify.c
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdint.h>
#include <string.h>
#include <stdint.h>
#include <inttypes.h>
int main(int argc, char * argv[])
{
char *foo = strdup("string one");
char *bar = strdup("string two");
const char *baz = (const char *)foo;
printf("%s\n", foo);
memcpy(
strcpy(
printf("%s\n", foo);
return 0;
}
Changed in gcc: | |
status: | Unknown → Invalid |
Changed in glibc: | |
status: | Unknown → Confirmed |
Changed in glibc: | |
status: | Confirmed → Invalid |
Changed in glibc: | |
importance: | Unknown → Medium |
Changed in gcc: | |
importance: | Unknown → Medium |
The following source, without the "(void*)" overrides, will throw an warning
(as expected), when compiled with -Wall:
$ gcc -o memcpy-fortify -Wall memcpy-fortify.c fortify. c:21: warning: passing argument 1 of 'memcpy' discards fortify. c:22: warning: passing argument 1 of 'strcpy' discards
memcpy-fortify.c: In function 'main':
memcpy-
qualifiers from pointer target type
memcpy-
qualifiers from pointer target type
With "(void*)" it is (as expected) silent. With -O2, it is silent, but with
-D_FORTIFY_SOURCE != 0, the qualifier override is ignored:
$ gcc -o memcpy-fortify -Wall -O2 -D_FORTIFY_SOURCE=2 memcpy-fortify.c fortify. c:21: warning: passing argument 1 of 'memcpy' discards fortify. c:22: warning: passing argument 1 of 'strcpy' discards
memcpy-fortify.c: In function 'main':
memcpy-
qualifiers from pointer target type
memcpy-
qualifiers from pointer target type
This will cause problems for builds that run with -Werror.
/*
* gcc -o memcpy-fortify -Wall -Werror -O2 -D_FORTIFY_SOURCE=2 memcpy-fortify.c
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdint.h>
#include <string.h>
#include <stdint.h>
#include <inttypes.h>
int main(int argc, char * argv[])
{
char *foo = strdup("string one");
char *bar = strdup("string two");
const char *baz = (const char *)foo;
printf("%s\n", foo);
memcpy( (void*) baz, bar, strlen(bar)+1); (void*) baz, bar);
strcpy(
printf("%s\n", foo);
return 0;
}