[PATCH] D58797: [Sema] Add some compile time _FORTIFY_SOURCE diagnostics

Erik Pilkington via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri Mar 22 12:16:56 PDT 2019


erik.pilkington marked 4 inline comments as done.
erik.pilkington added a comment.

In D58797#1438975 <https://reviews.llvm.org/D58797#1438975>, @nickdesaulniers wrote:

> This is causing false positive warnings for the Linux kernel:
>  https://github.com/ClangBuiltLinux/linux/issues/423
>  :(
>
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/statfs.c#n128
>  Consider this untested case (when the condition is false):
>
>   	if (sizeof(buf) == sizeof(*st))
>   		memcpy(&buf, st, sizeof(*st));
>
>
> fs/statfs.c:129:3: warning: 'memcpy' will always overflow; destination buffer has size 64, but size argument is 88 [-Wfortify-source]
>
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/statfs.c#n169, too.


Ah, I didn't consider that case. Presumably `st` is configured to have different sizes based on the target? I agree that this is a false-positive, but it seems like a pretty narrow edge case, and there is a pretty obvious source workaround that doesn't affect readability: `memcpy(&buf, st, sizeof(buf))`. @aaron.ballman/@rsmith Any thoughts here? IMO keeping this diagnostic is worth it.


Repository:
  rC Clang

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D58797/new/

https://reviews.llvm.org/D58797
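
The guarded copy discussed in this message, written with the suggested `sizeof(buf)` length, as an added example that is not code from fs/statfs.c or from the patch under review. The struct names, the helper functions and the truncating fallback are assumptions; the sizes are constructed to match the 64 and 88 bytes in the quoted warning.

```c
#include <string.h>

/* Constructed stand-ins: sizes mirror the 64 vs 88 bytes in the quoted warning. */
struct src88 { unsigned char raw[88]; };
struct dst64 { unsigned char raw[64]; };   /* layout differs from the source */
struct dst88 { unsigned char raw[88]; };   /* layout matches the source */

_Static_assert(sizeof(struct src88) == 88, "constructed source size");
_Static_assert(sizeof(struct dst64) == 64, "constructed destination size");

/*
 * Form from the quoted report, kept as a comment so it is not compiled:
 *     if (sizeof(buf) == sizeof(*st))
 *         memcpy(&buf, st, sizeof(*st));
 * With a 64-byte buf the condition is false, yet the call still names a
 * 64-byte destination and an 88-byte length.
 */

/* Returns 1 if the whole-object copy ran, 0 if the fallback ran. */
int fill_dst64(const struct src88 *st, struct dst64 *out)
{
    struct dst64 buf;
    if (sizeof(buf) == sizeof(*st)) {
        /* Workaround from the reply: the length is the destination's size. */
        memcpy(&buf, st, sizeof(buf));
        *out = buf;
        return 1;
    }
    /* Hypothetical stand-in for a field-by-field conversion: copy what fits. */
    memset(&buf, 0, sizeof(buf));
    memcpy(buf.raw, st->raw, sizeof(buf.raw));
    *out = buf;
    return 0;
}

/* Same pattern where the sizes match, so the whole-object copy is taken. */
int fill_dst88(const struct src88 *st, struct dst88 *out)
{
    struct dst88 buf;
    if (sizeof(buf) == sizeof(*st)) {
        memcpy(&buf, st, sizeof(buf));
        *out = buf;
        return 1;
    }
    memset(&buf, 0, sizeof(buf));
    memcpy(buf.raw, st->raw, sizeof(buf.raw));
    *out = buf;
    return 0;
}
```

With `sizeof(buf)` as the length, the call can never name more bytes than the destination holds, whichever way the size comparison evaluates.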




