Bug 2148869
| Summary: | tcp_wrappers: Pointer truncation issue & C99 compatibility | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Florian Weimer <fweimer> | ||||
| Component: | tcp_wrappers | Assignee: | Florian Weimer <fweimer> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | jjelen, pb, plautrba | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | tcp_wrappers-7.6-102.fc38 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2022-11-28 08:49:10 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 2141798 | ||||||
| Attachments: |
|
||||||
Created attachment 1927970 [details]
tcp_wrappers-inetcf-c99.patch
|
Last upstream release was in 1997 apparently, so I'm filing this bug here for tracking purposes. Building in strict(er) C99 mode reveals an implicit declaration of malloc: inetcf.c: In function 'inet_set': inetcf.c:283:25: error: implicit declaration of function 'malloc' 283 | (struct inet_ent *) malloc(sizeof(struct inet_ent) + strlen(name)); | ^~~~~~ inetcf.c:283:25: warning: incompatible implicit declaration of built-in function 'malloc' [-Wbuiltin-declaration-mismatch] inetcf.c:23:1: note: include '<stdlib.h>' or provide a declaration of 'malloc' 22 | #include "inetcf.h" +++ |+#include <stdlib.h> 23 | inetcf.c: At top level: inetcf.c:9:13: warning: 'sccsid' defined but not used [-Wunused-variable] 9 | static char sccsid[] = "@(#) inetcf.c 1.7 97/02/12 02:13:23"; | ^~~~~~ This truncates the returned pointer to 32 bits, so this can never work. I think this code won't run in practice, so it's probably not a security issue.