CA-406953: fix more undefined behaviour #21
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Edwin Török <[email protected]>
Otherwise it warns that it is a non-literal and can't type check it. Signed-off-by: Edwin Török <[email protected]>
The `v` was missing, and instead of calling the varargs version of printf, it called the regular one. Signed-off-by: Edwin Török <[email protected]>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
edwintorok
force-pushed
the
private/edvint/undef2
branch
2 times, most recently
from
addf587 to
1c274ea
Compare
andyhhp
reviewed
Feb 21, 2025
Fixes: ``` /usr/include/x86_64-linux-gnu/bits/fcntl2.h:50:11: error: call to ‘__open_missing_mode’ declared with attribute error: open with O_CREAT or O_TMPFILE in second argument needs 3 arguments ``` Signed-off-by: Edwin Török <[email protected]>
edwintorok
force-pushed
the
private/edvint/undef2
branch
2 times, most recently
from
d7ee2d6 to
1ca75ac
Compare
Do not rely on size of 'int' and 'long long', although they happened to work in this case. Use stdint.h types instead. Signed-off-by: Edwin Török <[email protected]>
Sometimes a format string with wrong signedness, or wrong size was used. The wrong size is probably undefined behaviour. Signed-off-by: Edwin Török <[email protected]>
Signed-off-by: Edwin Török <[email protected]>
edwintorok
force-pushed
the
private/edvint/undef2
branch
from
1ca75ac to
26a80ad
Compare
andyhhp
approved these changes
Feb 21, 2025
freddy77
reviewed
Feb 24, 2025
freddy77
reviewed
Feb 24, 2025
lib/weightio.c
Outdated
| @@ -121,7 +121,7 @@ | |||
| MTC_STATUS | |||
| open_hostweight_file(int *fd, int *err_no) | |||
| { | |||
| if ((*fd = open(HA_HOST_WEIGHT_FILE, O_RDWR|O_CREAT)) < 0) | |||
| if ((*fd = open(HA_HOST_WEIGHT_FILE, O_RDWR|O_CREAT, 00400)) < 0) | |||
There was a problem hiding this comment.
Minor, typo, one leading zero is enough.
freddy77
reviewed
Feb 24, 2025
| @@ -322,7 +323,8 @@ MTC_STATIC void | |||
| print_liveset( | |||
| MTC_S32 pri, | |||
| PMTC_S8 log_string, | |||
| MTC_HOSTMAP hostmap); | |||
| MTC_HOSTMAP hostmap) | |||
| __attribute__((format(printf, 2, 0))); | |||
There was a problem hiding this comment.
Are you sure? I cannot see the parameters, how can be a formatting string? Maybe it's a bug?
There was a problem hiding this comment.
Okay, never mind, the 0 says there are no parameter to check against. Maybe a kind of trick can be in place like
static inline const char *
check_print_liveset_format(const char *fmt, ...) __attribute__((format(printf, 1, 2))
{
return fmt;
}
#define print_liveset(pri, fmt, map) print_liveset(pri, check_print_liveset_format(fmt, "dummy"), map)There was a problem hiding this comment.
The compiler is still not entirely happy about it, because it says that the 'log_string' is not a string literal, whereas in the other function where I used format(printf,2,3) it was able to see that fmt is a string literal from the caller and didn't warn about it again.
I'll try the macro trick, that should fix it.
freddy77
reviewed
Feb 24, 2025
rosslagerwall
approved these changes
Mar 5, 2025
GeraldEV
reviewed
Mar 5, 2025
GeraldEV
approved these changes
Mar 5, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When O_CREAT is used then the file mode must be specified, otherwise it'll be something random from the stack:
The file is opened read/write so set matching permission bits.
In
command/stubs.c(used bywritestatefile) we need to callvfprintfwithap, instead offprintf.fprintfwould expect the actual arguments, whereasvfprintfwill forward the varargs correctly.