From 9de306701312f986c9638cb819d3f1f848d55cab Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Fri, 2 Mar 2018 17:11:52 +0100 Subject: [PATCH] BaseTools/GenVtf: silence false "stringop-overflow" warning with memcpy() gcc-8 (which is part of Fedora 28) enables the new warning "-Wstringop-overflow" in "-Wall". This warning is documented in detail at ; the introduction says > Warn for calls to string manipulation functions such as memcpy and > strcpy that are determined to overflow the destination buffer. It breaks the BaseTools build with: > GenVtf.c: In function 'ConvertVersionInfo': > GenVtf.c:132:7: error: 'strncpy' specified bound depends on the length > of the source argument [-Werror=stringop-overflow=] > strncpy (TemStr + 4 - Length, Str, Length); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > GenVtf.c:130:14: note: length computed here > Length = strlen(Str); > ^~~~~~~~~~~ It is a false positive because, while the bound equals the length of the source argument, the destination pointer is moved back towards the beginning of the destination buffer by the same amount (and this amount is range-checked first, so we can't precede the start of the dest buffer). Replace both strncpy() calls with memcpy(). Cc: Ard Biesheuvel Cc: Cole Robinson Cc: Liming Gao Cc: Paolo Bonzini Cc: Yonghong Zhu Reported-by: Cole Robinson Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek Reviewed-by: Liming Gao --- BaseTools/Source/C/GenVtf/GenVtf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c index 65ae08eece..fc7ae02203 100644 --- a/BaseTools/Source/C/GenVtf/GenVtf.c +++ b/BaseTools/Source/C/GenVtf/GenVtf.c @@ -129,9 +129,9 @@ Returns: } else { Length = strlen(Str); if (Length < 4) { - strncpy (TemStr + 4 - Length, Str, Length); + memcpy (TemStr + 4 - Length, Str, Length); } else { - strncpy (TemStr, Str + Length - 4, 4); + memcpy (TemStr, Str + Length - 4, 4); } sscanf ( -- 2.39.2