From owner-svn-src-head@freebsd.org  Sun Jan 28 01:42:47 2018
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 65A4CED12B6;
 Sun, 28 Jan 2018 01:42:47 +0000 (UTC)
 (envelope-from brde@optusnet.com.au)
Received: from mail109.syd.optusnet.com.au (mail109.syd.optusnet.com.au
 [211.29.132.80])
 by mx1.freebsd.org (Postfix) with ESMTP id D63B685058;
 Sun, 28 Jan 2018 01:42:46 +0000 (UTC)
 (envelope-from brde@optusnet.com.au)
Received: from [192.168.0.102] (c110-21-101-228.carlnfd1.nsw.optusnet.com.au
 [110.21.101.228])
 by mail109.syd.optusnet.com.au (Postfix) with ESMTPS id 26BBDD6E9A7;
 Sun, 28 Jan 2018 12:42:38 +1100 (AEDT)
Date: Sun, 28 Jan 2018 12:42:37 +1100 (EST)
From: Bruce Evans <brde@optusnet.com.au>
X-X-Sender: bde@besplex.bde.org
To: Pedro Giffuni <pfg@freebsd.org>
cc: Bruce Evans <brde@optusnet.com.au>, Dimitry Andric <dim@freebsd.org>, 
 Ed Schouten <ed@nuxi.nl>, src-committers <src-committers@freebsd.org>, 
 svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r328492 - head/contrib/opie/libopie
In-Reply-To: <5c39c37d-8d0a-22e9-710b-2453e0dd4481@FreeBSD.org>
Message-ID: <20180128121851.U4596@besplex.bde.org>
References: <201801272216.w0RMGJwo057492@repo.freebsd.org>
 <CABh_MKn=3pRWyMHUAQkG17dQVBFEwFA2esFixPtgkCt7VE5oCw@mail.gmail.com>
 <7C471160-44B3-4EA6-8995-08A4EB4332A1@FreeBSD.org>
 <20180128093811.G4029@besplex.bde.org>
 <5c39c37d-8d0a-22e9-710b-2453e0dd4481@FreeBSD.org>
MIME-Version: 1.0
X-Optus-CM-Score: 0
X-Optus-CM-Analysis: v=2.2 cv=DIX/22Fb c=1 sm=1 tr=0
 a=PalzARQSbocsUSjMRkwAPg==:117 a=PalzARQSbocsUSjMRkwAPg==:17
 a=nlC_4_pT8q9DhB4Ho9EA:9 a=JR47EUaj5dUosQkC4R8A:9 a=xtHLe4mNsMW_yGvb:21
 a=3uVtrHTtWy3TCr6j:21 a=45ClL6m2LaAA:10
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE
X-Content-Filtered-By: Mailman/MimeDel 2.1.25
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jan 2018 01:42:47 -0000

On Sat, 27 Jan 2018, Pedro Giffuni wrote:

> On 01/27/18 18:21, Bruce Evans wrote:
>> On Sat, 27 Jan 2018, Dimitry Andric wrote:
>>=20
>>> On 27 Jan 2018, at 23:20, Ed Schouten <ed@nuxi.nl> wrote:

>* [... context lost to corruption of spaces which makes it unreadable]

>>>>=20
>>>> Wait... This may access utmp.ut_host one byte past the end and no
>>>> longer guarantees that host is null-terminated, right?
>>=20
>>> No, strncpy "copies at most len characters from src into dst".=C2=A0 Ho=
wever,
>>=20
>> No, the change breaks the length so 1 byte past the end is accessed
>> in implementations where ut_host is not guaranteed to be NUL terminated
>> and the current instance of ut_host is not NUL terminated.
>>=20
> The main change is in the sizeof(). Regularly you should use the size of=
=20
> destination not the source, and apparently GCC8 decided there was somethi=
ng=20
> to check there.

That is the main breakage.  Using the size of the destination is very wrong=
,
since that size is intentionally 1 larger than the size of the source, to
leave space for appending a NUL.

> ...
> Looking in detail, upstream (which appears to have disappeared) does have=
 the=20
> explicit NULL termination in our last import. For consistency and given t=
hat=20
> we already have a strlcpy in that code, we should use strlcpy() there. Ev=
ery=20
> modern OS out there has strlcpy(3) and if not they can figure out what to=
 do.

strlcpy() still seems to be intentionally left out of glibc.

Bruce
From owner-svn-src-head@freebsd.org  Sun Jan 28 03:16:55 2018
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 40B24ED4A07;
 Sun, 28 Jan 2018 03:16:55 +0000 (UTC) (envelope-from pfg@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id DF12E68646;
 Sun, 28 Jan 2018 03:16:54 +0000 (UTC) (envelope-from pfg@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D6F0213EF4;
 Sun, 28 Jan 2018 03:16:54 +0000 (UTC) (envelope-from pfg@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w0S3GsBG007337;
 Sun, 28 Jan 2018 03:16:54 GMT (envelope-from pfg@FreeBSD.org)
Received: (from pfg@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w0S3Gs2s007336;
 Sun, 28 Jan 2018 03:16:54 GMT (envelope-from pfg@FreeBSD.org)
Message-Id: <201801280316.w0S3Gs2s007336@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org
 using -f
From: "Pedro F. Giffuni" <pfg@FreeBSD.org>
Date: Sun, 28 Jan 2018 03:16:54 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r328506 - head/contrib/opie/libopie
X-SVN-Group: head
X-SVN-Commit-Author: pfg
X-SVN-Commit-Paths: head/contrib/opie/libopie
X-SVN-Commit-Revision: 328506
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jan 2018 03:16:55 -0000

Author: pfg
Date: Sun Jan 28 03:16:54 2018
New Revision: 328506
URL: https://svnweb.freebsd.org/changeset/base/328506

Log:
  Revert r328492:
  "Fix gcc80 -Wsizeof-pointer-memaccess warning."
  
  The warning is bogus: GCC8 only looks at the size of the destination.
  We shouldn't be fixing imaginary problems, so perhaps its better to deal
  with this later on by disabling such warnings.
  
  Pointed out by:	ed, bde

Modified:
  head/contrib/opie/libopie/insecure.c

Modified: head/contrib/opie/libopie/insecure.c
==============================================================================
--- head/contrib/opie/libopie/insecure.c	Sun Jan 28 03:07:22 2018	(r328505)
+++ head/contrib/opie/libopie/insecure.c	Sun Jan 28 03:16:54 2018	(r328506)
@@ -135,7 +135,8 @@ int opieinsecure FUNCTION_NOARGS
 	char host[sizeof(utmp.ut_host) + 1];
 	insecure = 1;
 
-	strncpy(host, utmp.ut_host, sizeof(host));
+	strncpy(host, utmp.ut_host, sizeof(utmp.ut_host));
+	host[sizeof(utmp.ut_host)] = 0;
 
 	if (s = strchr(host, ':')) {
 	  int n = s - host;