Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#3491 - umDNS fails to compile with GCC10 possible CVE #4

Open
openwrt-bot opened this issue Dec 5, 2020 · 2 comments
Open

FS#3491 - umDNS fails to compile with GCC10 possible CVE #4

openwrt-bot opened this issue Dec 5, 2020 · 2 comments

Comments

@openwrt-bot
Copy link

ByteEnable:

A warning (treated as error) is emitted from GCC10 when compiling umDNS (object at 'b' is out of the bounds). This could also turn into a CVE.

[ 40%] Building C object CMakeFiles/umdns-lib.dir/service.c.o
/home/ByteEnable/temp/openwrt-master/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-10.2.0_musl_eabi/bin/arm-openwrt-linux-muslgnueabi-gcc -Os -pipe -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -mfloat-abi=hard -fmacro-prefix-map=/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98=umdns-2020-10-26-59e4fc98 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include -DNDEBUG -Os -ggdb -Wall -Werror --std=gnu99 -Wmissing-declarations -o CMakeFiles/umdns-lib.dir/service.c.o -c /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c
/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c: In function 'service_load_blob':
/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c:242:10: error: 'strncpy' offset 6 from the object at 'b' is out of the bounds of referenced subobject 'name' with type 'uint8_t[]' {aka 'unsigned char[]'} at offset 6 [-Werror=array-bounds]
242 | s->id = strncpy(d_id, blobmsg_name(b), n);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include/libubus.h:23,
from /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c:23:
/home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include/libubox/blobmsg.h:43:10: note: subobject 'name' declared here
43 | uint8_t name[];
| ^~~~
cc1: all warnings being treated as errors
make[6]: *** [CMakeFiles/umdns-lib.dir/build.make:121: CMakeFiles/umdns-lib.dir/service.c.o] Error 1
make[6]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[5]: *** [CMakeFiles/Makefile2:124: CMakeFiles/umdns-lib.dir/all] Error 2
make[5]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[4]: *** [Makefile:149: all] Error 2
make[4]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[3]: *** [Makefile:50: /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/.built] Error 2
make[3]: Leaving directory '/home/ByteEnable/temp/openwrt-master/package/network/services/umdns'
time: package/network/services/umdns/compile#0.64#0.16#0.00
ERROR: package/network/services/umdns failed to build.
make[2]: *** [package/Makefile:114: package/network/services/umdns/compile] Error 1
make[2]: Leaving directory '/home/ByteEnable/temp/openwrt-master'
make[1]: *** [package/Makefile:108: /home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/home/ByteEnable/temp/openwrt-master'
make: *** [/home/ByteEnable/temp/openwrt-master/include/toplevel.mk:242: world] Error 2

@openwrt-bot
Copy link
Author

kirelagin:

I think this was fixed with b777a0b?

@protectivedad
Copy link

It is. This is also a duplicate of FS#3237.

@ynezz ynezz transferred this issue from openwrt/openwrt Jun 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants