FTBFS: gcc9 stringop-truncation and others

Bug #1835831 reported by Andreas Hasenack on 2019-07-08
This bug affects 1 person
Affects Status Importance Assigned to Milestone
squid (Ubuntu)

Bug Description

Same error with latest upstream, which is 4.7 at this time:
libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/etc/squid/squid.conf\" -DDEFAULT_SQUID_DATA_DIR=\"/usr/share/squid\" -DDEFAULT_SQUID_CONFIG_DIR=\"/etc/squid\" -I../.. -I../../include -I../../lib -I../../src -I../../include -isystem /usr/include/mit-krb5 -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -I/usr/include/libxml2 -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Wshadow -Werror -pipe -D_REENTRANT -g -O2 -fdebug-prefix-map=/home/ubuntu/git/packages/squid/squid=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -c smbencrypt.c -fPIC -DPIC -o .libs/smbencrypt.o
In file included from /usr/include/string.h:494,
                 from ../../compat/xstring.h:13,
                 from ../../compat/compat_shared.h:225,
                 from ../../compat/compat.h:87,
                 from ../../include/squid.h:43,
                 from smblib-util.c:33:
In function ‘strncpy’,
    inlined from ‘SMB_Negotiate’ at smblib-util.c:404:9:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 79 bytes from a string of length 79 [-Werror=stringop-truncation]
  106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
    inlined from ‘SMB_Negotiate’ at smblib-util.c:427:9:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 79 bytes from a string of length 79 [-Werror=stringop-truncation]
  106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
    inlined from ‘SMB_TreeConnect’ at smblib-util.c:541:5:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 129 equals destination size [-Werror=stringop-truncation]
  106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
    inlined from ‘SMB_TreeConnect’ at smblib-util.c:542:5:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 20 equals destination size [-Werror=stringop-truncation]
  106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
libtool: compile: x86_64-linux-gnu-gcc -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/etc/squid/squid.conf\" -DDEFAULT_SQUID_DATA_DIR=\"/usr/share/squid\" -DDEFAULT_SQUID_CONFIG_DIR=\"/etc/squid\" -I../.. -I../../include -I../../lib -I../../src -I../../include -isystem /usr/include/mit-krb5 -I../../lib -Wdate-time -D_FORTIFY_SOURCE=2 -I/usr/include/libxml2 -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Wshadow -Werror -pipe -D_REENTRANT -g -O2 -fdebug-prefix-map=/home/ubuntu/git/packages/squid/squid=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -c smbencrypt.c -o smbencrypt.o >/dev/null 2>&1
cc1: all warnings being treated as errors
make[3]: *** [Makefile:816: smblib-util.lo] Error 1
make[3]: *** Waiting for unfinished jobs....
make[3]: Leaving directory '/home/ubuntu/git/packages/squid/squid/lib/smblib'
make[2]: *** [Makefile:1047: all-recursive] Error 1
make[2]: Leaving directory '/home/ubuntu/git/packages/squid/squid/lib'
make[1]: *** [Makefile:584: all-recursive] Error 1
make[1]: Leaving directory '/home/ubuntu/git/packages/squid/squid'
make: *** [/usr/share/cdbs/1/class/makefile.mk:77: debian/stamp-makefile-build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

There are other failures after the ones I pasted. I updated the upstream bug report with them.

summary: - FTBFS: gcc9 stringop-truncation
+ FTBFS: gcc9 stringop-truncation and others
Revision history for this message
Gianfranco Costamagna (costamagnagianfranco) wrote :

I uploaded a workaround, and the gcc-9 upstream patch
and an export of
"-Wno-sizeof-pointer-memaccess -Wno-stringop-truncation"


It shouldn't make things worse, because the bugs are already there, but at least I unblocked something else, while upstream takes care of them.
(I also pinged the person who did the gcc-9 fixes, asking him to help)

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package squid - 4.6-2ubuntu4

squid (4.6-2ubuntu4) eoan; urgency=medium

  * Fix gcc-9 issues (LP: #1835831)
    - Remove -Wno-sizeof-pointer-memaccess -Wno-stringop-truncation
    - debian/patches/more-gcc-9-fixes.patch: switch to xstrncpy in
  * SECURITY UPDATE: incorrect digest auth parameter parsing
    - debian/patches/CVE-2019-12525.patch: check length in
    - CVE-2019-12525
  * SECURITY UPDATE: buffer overflow in basic auth decoding
    - debian/patches/CVE-2019-12527.patch: switch to SBuf in
      src/HttpHeader.cc, src/HttpHeader.h, src/cache_manager.cc,
    - CVE-2019-12527
  * SECURITY UPDATE: basic auth uudecode length issue
    - debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle
      base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc,
      include/uudecode.h, lib/uudecode.c.
    - CVE-2019-12529
  * SECURITY UPDATE: XSS issues in cachemgr.cgi
    - debian/patches/CVE-2019-13345.patch: properly escape values in
    - CVE-2019-13345

 -- Marc Deslauriers <email address hidden> Fri, 19 Jul 2019 08:01:58 -0400

Changed in squid (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.