OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Packages
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by ByteEnable - 05.12.2020

FS#3491 - umDNS fails to compile with GCC10 possible CVE

A warning (treated as error) is emitted from GCC10 when compiling umDNS (object at ‘b’ is out of the bounds). This could also turn into a CVE.

[ 40%] Building C object CMakeFiles/umdns-lib.dir/service.c.o
/home/ByteEnable/temp/openwrt-master/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-10.2.0_musl_eabi/bin/arm-openwrt-linux-muslgnueabi-gcc   -Os -pipe  -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -mfloat-abi=hard -fmacro-prefix-map=/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98=umdns-2020-10-26-59e4fc98 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include -DNDEBUG   -Os -ggdb -Wall -Werror --std=gnu99 -Wmissing-declarations -o CMakeFiles/umdns-lib.dir/service.c.o -c /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c
/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c: In function 'service_load_blob':
/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c:242:10: error: 'strncpy' offset 6 from the object at 'b' is out of the bounds of referenced subobject 'name' with type 'uint8_t[]' {aka 'unsigned char[]'} at offset 6 [-Werror=array-bounds]
  242 |  s->id = strncpy(d_id, blobmsg_name(b), n);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include/libubus.h:23,
                 from /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c:23:
/home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include/libubox/blobmsg.h:43:10: note: subobject 'name' declared here
   43 |  uint8_t name[];
      |          ^~~~
cc1: all warnings being treated as errors
make[6]: *** [CMakeFiles/umdns-lib.dir/build.make:121: CMakeFiles/umdns-lib.dir/service.c.o] Error 1
make[6]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[5]: *** [CMakeFiles/Makefile2:124: CMakeFiles/umdns-lib.dir/all] Error 2
make[5]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[4]: *** [Makefile:149: all] Error 2
make[4]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[3]: *** [Makefile:50: /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/.built] Error 2
make[3]: Leaving directory '/home/ByteEnable/temp/openwrt-master/package/network/services/umdns'
time: package/network/services/umdns/compile#0.64#0.16#0.00
    ERROR: package/network/services/umdns failed to build.
make[2]: *** [package/Makefile:114: package/network/services/umdns/compile] Error 1
make[2]: Leaving directory '/home/ByteEnable/temp/openwrt-master'
make[1]: *** [package/Makefile:108: /home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/home/ByteEnable/temp/openwrt-master'
make: *** [/home/ByteEnable/temp/openwrt-master/include/toplevel.mk:242: world] Error 2

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing