Re: [OpenWrt-Devel] [PATCH v2] tools/firmware-utils: fix build with -D_FORTIFY_SOURCE=2

Mon, 05 Nov 2012 09:24:52 -0800 

On Thu, Jun 23, 2011 at 02:11:15PM +0400, Alexey I. Froloff wrote:
> False positive buffer overflow detected by gcc because altinfo uses
> information1, flashLayoutVer and fskernelCRC fields.  We are sure, that
> altinfo length is less than ALTTAGINFO_LEN, so it's safe to memcpy()
> whole altinfo string plus terminating NUL byte.
> 
> Signed-off-by: Alexey I. Froloff <ra...@altlinux.org>
> ---
>  tools/firmware-utils/src/imagetag.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> diff --git a/tools/firmware-utils/src/imagetag.c 
> b/tools/firmware-utils/src/imagetag.c
> index bebaba2..87d02d5 100644
> --- a/tools/firmware-utils/src/imagetag.c
> +++ b/tools/firmware-utils/src/imagetag.c
> @@ -366,7 +366,7 @@ int tagfile(const char *kernel, const char *rootfs, const 
> char *bin, \
>       }
>  
>       if (args->altinfo_given) {
> -       strncpy(&tag.information1[0], args->altinfo_arg, ALTTAGINFO_LEN);
> +       memcpy(tag.information1, args->altinfo_arg, 
> strlen(args->altinfo_arg)+1);
>       }
>  
>       if (args->second_image_flag_given) {

After more than a year OpenWrt still cannot be built on Linux
distributions using -D_FORTIFY_SOURCE=2 by default.  There is even a
recent bug report about this problem:

  https://dev.openwrt.org/ticket/12368

However, is the "altinfo" option really used anywhere?  It was added
in 2010 by Daniel Dickinson:

  https://dev.openwrt.org/changeset/24011

But searching through the whole history of trunk does not show any
usage of this option - "git log -S altinfo" finds just a single commit
corresponding to the svn revision 24011.

The option also does not seem to work correctly - the altinfo field is
intended to occupy the space normally used by the information1,
flashLayoutVer, fskernelCRC and information2 fields, but subsequent
code in tagfile() unconditionally overwrites the fskernelCRC field,
which would corrupt the altinfo string.

Given the fact that this code seems to be broken and is not used for
two years, maybe it should be fixed by removing it completely?

Attachment: signature.asc
Description: Digital signature

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Reply via email to