On Sun, Aug 11, 2024 at 09:32:10PM +0200, Bastian Blank wrote:
> On Sun, Aug 11, 2024 at 08:43:23AM +0200, Petter Reinholdtsen wrote:
> > but alas, did not really solve much.
> 
> This is unsurprising, as the tests in 3.2-3 are just broken.

Also gcc shows buffer overflows:

| ./nslint.c: In function ‘checkwks’:
| ./nslint.c:567:39: warning: ‘%s’ directive writing up to 1023 bytes into a region of size 512 [-Wformat-overflow=]
|   567 |                 (void)sprintf(psbuf, "%s/%s", serv, proto);
|       |                                       ^~
| ./nslint.c:567:23: note: ‘sprintf’ output 2 or more bytes (assuming 1025) into a destination of size 512
|   567 |                 (void)sprintf(psbuf, "%s/%s", serv, proto);
|       |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ./nslint.c:577:42: warning: ‘%s’ directive writing up to 511 bytes into a region of size 132 [-Wformat-overflow=]
|   577 |                         sprintf(errstr, "%s unknown", psbuf);
|       |                                          ^~           ~~~~~
| ./nslint.c:577:25: note: ‘sprintf’ output between 9 and 520 bytes into a destination of size 132
|   577 |                         sprintf(errstr, "%s unknown", psbuf);
|       |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

And an instrumented cmpaddr function shows the condition that reaches
abort():

| $ nslint -d -c named.conf 
| got family: 2, 2
| got family: 2, 2
| got family: -520095920, -517846240
| got family: 0, 2
| got family: 2, 2
| nslint: 19/131072 items used, 0 errors

Fixing the first error, aka replacing it with cmpitemaddr, does not work
either, because the qsort calls it with "struct item **", not "struct
item *".  The cmpitemaddr function is unused otherwise.

Now I have to ask you whether you really are capable of maintaining a
package in this state?

Bastian

-- 
Vulcans worship peace above all.
                -- McCoy, "Return to Tomorrow", stardate 4768.3
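
The pointer-level mismatch described in the message above, as an added example that is not part of the original e-mail or of nslint's source: when qsort() sorts an array of `struct item *`, the comparator receives `struct item **` and must dereference once before comparing. The struct layout, its field names and the functions `cmp_items`, `cmp_item_ptrs` and `sort_sample_ok` are hypothetical, and the sample data is constructed.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical stand-in; nslint's real struct item is not shown on this page. */
struct item {
    int family;       /* address family, e.g. 2 for AF_INET */
    uint32_t addr;    /* IPv4 address in host byte order */
};

/* Typed comparison of two items: by family, then by address. */
static int cmp_items(const struct item *a, const struct item *b)
{
    if (a->family != b->family)
        return (a->family > b->family) - (a->family < b->family);
    return (a->addr > b->addr) - (a->addr < b->addr);
}

/* Comparator for qsort() over an array of `struct item *`.
 * qsort() hands the comparator pointers to the array elements, so each
 * argument is really a `struct item **` and needs one dereference.
 * Casting pa/pb straight to `struct item *` would read the pointer's own
 * bytes as if they were the struct's fields. */
static int cmp_item_ptrs(const void *pa, const void *pb)
{
    const struct item *a = *(const struct item *const *)pa;
    const struct item *b = *(const struct item *const *)pb;
    return cmp_items(a, b);
}

/* Sort a constructed sample through the pointer array and return 1 if the
 * result is in non-decreasing order, 0 otherwise. */
static int sort_sample_ok(void)
{
    struct item pool[] = {            /* constructed sample data */
        { 2, 0xC0A80105u }, { 2, 0x0A000001u },
        { 0, 0u },          { 2, 0xC0A80101u },
    };
    struct item *v[4];
    size_t i, n = sizeof(pool) / sizeof(pool[0]);

    for (i = 0; i < n; i++)
        v[i] = &pool[i];
    qsort(v, n, sizeof(v[0]), cmp_item_ptrs);
    for (i = 1; i < n; i++)
        if (cmp_items(v[i - 1], v[i]) > 0)
            return 0;
    return v[0] == &pool[2];          /* the family-0 entry sorts first */
}

int main(void) { return sort_sample_ok() ? 0 : 1; }
```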
