On 9/15/20 12:22 PM, Arjen de Korte via clamav-users wrote:
ClamAV 0.103.0 builds (and runs) fine most of the time, but I do see (infrequent) failing checks on the build servers for openSUSE. This could be a race condition in the tests and might depend on the number of cores or CPU of the buildserver it runs on.

One thing that does concern me slightly is the number of -Wformat warnings in the tests, for example:

[  166s] In file included from check_clamav.c:11:
[  166s] check_clamav.c: In function 'diff_file_mem':
[  166s] check_clamav.c:1267:26: warning: format '%d' expects argument of type 'int', but argument 5 has type 'size_t' {aka 'long unsigned int'} [-Wformat=]
[  166s]  1267 |     ck_assert_msg(!!buf, "unable to malloc buffer: %d", len);
[  166s]       |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~
[  166s]       |                                                         |
[  166s]       | size_t {aka long unsigned int}
[  166s] check_clamav.c:1267:53: note: format string is defined here
[  166s]  1267 |     ck_assert_msg(!!buf, "unable to malloc buffer: %d", len);
[  166s]       |                                                    ~^
[  166s]       |                                                     |
[  166s]       |                                                     int
[  166s]       |                                                    %ld

There are many more which could potentially be an issue.

The Fedora build fails because we build with -Werror=format-security:

gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I.. -I../libclamav -I../libclamav -I../libclamunrar_iface -pthread -I/usr/include/json-c -DSRCDIR=\"/home/orion/fedora/clamav/clamav-0.103.0/unit_tests\" -DOBJDIR=\"/home/orion/fedora/clamav/clamav-0.103.0/unit_tests\" -I/usr/include/libprelude -I/usr/include/libxml2 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c -o check_clamav-check_jsnorm.o `test -f 'check_jsnorm.c' || echo './'`check_jsnorm.c
In file included from check_jsnorm.c:32:
check_jsnorm.c: In function 'tokenizer_test':
check_jsnorm.c:250:57: error: format not a string literal and no format arguments [-Werror=format-security]
  250 |         ck_assert_msg("failed to open output file: %s", filename);
      |                                                         ^~~~~~~~


In this case it appears that the ck_assert_msg() call is missing the condition check. I've filed https://github.com/Cisco-Talos/clamav-devel/pull/138 with what I think is the proper fix.

Orion

--
Orion Poplawski
Manager of NWRA Technical Systems          720-772-5637
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                 https://www.nwra.com/
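
An added example, not part of the thread and not ClamAV or Check code, illustrating the two diagnostics quoted above. `check_msg` is a hypothetical stand-in for a condition-first assertion helper, and the file name and length are constructed values; it shows that a message literal in the condition slot makes the check pass even when the open failed, and it formats the `size_t` length with `%zu`.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a condition-first assertion helper (not the
 * Check library). Returns 1 on pass; on failure returns 0 and formats the
 * message into out. The attribute lets GCC/Clang type-check the arguments. */
__attribute__((format(printf, 4, 5)))
static int check_msg(char *out, size_t n, int cond, const char *fmt, ...)
{
    va_list ap;
    out[0] = '\0';
    if (cond) return 1;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return 0;
}

/* Call shape flagged in check_jsnorm.c: the message literal occupies the
 * condition slot. Its address is never NULL, so the check passes even when
 * fp is NULL. filename goes through "%s" so this file itself builds with
 * -Werror=format-security. */
static int missing_condition(const void *fp, const char *filename, char *out, size_t n)
{
    const char *cond_slot = "failed to open output file: %s";
    (void)fp; /* the open result is never consulted */
    return check_msg(out, n, cond_slot != NULL, "%s", filename);
}
/* Condition restored: fails and names the file when fp is NULL. */
static int with_condition(const void *fp, const char *filename, char *out, size_t n)
{
    return check_msg(out, n, fp != NULL, "failed to open output file: %s", filename);
}
/* The check_clamav.c:1267 message using %zu, the C99 conversion for size_t. */
static int malloc_check(const void *buf, size_t len, char *out, size_t n)
{
    return check_msg(out, n, buf != NULL, "unable to malloc buffer: %zu", len);
}

int main(void)
{
    char msg[128]; /* "out.js" and the length are constructed sample values */
    printf("missing condition -> %d\n", missing_condition(NULL, "out.js", msg, sizeof msg));
    printf("with condition    -> %d (%s)\n", with_condition(NULL, "out.js", msg, sizeof msg), msg);
    printf("size_t message    -> %d (%s)\n", malloc_check(NULL, (size_t)3000000000UL, msg, sizeof msg), msg);
    return 0;
}
```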
