Bug 2047022 - glibc: CMSG_NXTHDR may trigger -Wstrict-overflow warning
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: glibc
Version: 37
Hardware: Unspecified
OS: Unspecified
Assignee: Arjun Shankar
QA Contact: Fedora Extras Quality Assurance
Blocks: F38FTBFS F36FTBFS F37FTBFS 2116938
Reported: 2022-01-27 09:52 UTC by Fedora Release Engineering
Modified: 2022-09-16 08:35 UTC (History)

Fixed In Version: glibc-2.36.9000-2.fc38 glibc-2.36-2.fc37 glibc-2.35-16.fc36 glibc-2.34-41.fc35
Clone Of:
: 2116938 (view as bug list)
Environment:
Last Closed: 2022-09-12 17:09:50 UTC


Attachments
build.log (32.00 KB, text/plain), 2022-01-27 09:52 UTC, Fedora Release Engineering
root.log (32.00 KB, text/plain), 2022-01-27 09:52 UTC, Fedora Release Engineering
state.log (1008 bytes, text/plain), 2022-01-27 09:52 UTC, Fedora Release Engineering


Links
System ID Private Priority Status Summary Last Updated
Sourceware 28846 0 P2 NEW CMSG_NXTHDR may trigger -Wstrict-overflow warning 2022-02-01 14:55:54 UTC

Description Fedora Release Engineering 2022-01-27 09:52:25 UTC
socket_wrapper failed to build from source in Fedora rawhide/f36

https://koji.fedoraproject.org/koji/taskinfo?taskID=81986643


For details on the mass rebuild see:

https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Please fix socket_wrapper at your earliest convenience and set the bug's status to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
socket_wrapper will be orphaned. Before branching of Fedora 37,
socket_wrapper will be retired, if it still fails to build.

For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails_to_install/

Comment 1 Fedora Release Engineering 2022-01-27 09:52:28 UTC
Created attachment 1856675 [details]
build.log

file build.log too big, will only attach last 32768 bytes

Comment 2 Fedora Release Engineering 2022-01-27 09:52:30 UTC
Created attachment 1856676 [details]
root.log

file root.log too big, will only attach last 32768 bytes

Comment 3 Fedora Release Engineering 2022-01-27 09:52:31 UTC
Created attachment 1856677 [details]
state.log

Comment 4 Andreas Schneider 2022-01-27 14:36:07 UTC
This is actually a bug in /usr/include/bits/socket.h with -Werror=strict-overflow.


The compiler complains about the CMSG_NXTHDR() macro.


In file included from /usr/include/sys/socket.h:33,
                 from /builddir/build/BUILD/socket_wrapper-1.3.3/src/socket_wrapper.c:50:
In function '__cmsg_nxthdr',
    inlined from 'test_sendmsg_cmsg' at /builddir/build/BUILD/socket_wrapper-1.3.3/tests/test_swrap_unit.c:73:9:
/usr/include/bits/socket.h:322:6: error: assuming pointer wraparound does not occur when comparing P +- C1 with P +- C2 [-Werror=strict-overflow]
  322 |   if ((unsigned char *) (__cmsg + 1) > ((unsigned char *) __mhdr->msg_control
      |      ^


The line in test_swrap_unit.c:73 is:

73      cmsg = CMSG_NXTHDR(&msg, cmsg);

Comment 5 Florian Weimer 2022-02-01 14:55:55 UTC
We're going to fix this upstream, thanks for the report.

Comment 6 Ben Cotton 2022-02-08 20:06:01 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 36 development cycle.
Changing version to 36.

Comment 7 Tomáš Hrnčiar 2022-04-21 15:12:25 UTC
The following builds were made after this report was opened: glibc-2.35-2.fc37 glibc-2.35.9000-1.fc37 glibc-2.35.9000-10.fc37 glibc-2.35.9000-11.fc37 glibc-2.35.9000-12.fc37 glibc-2.35.9000-13.fc37 glibc-2.35.9000-14.fc37 glibc-2.35.9000-2.fc37 glibc-2.35.9000-3.fc37 glibc-2.35.9000-4.fc37 glibc-2.35.9000-5.fc37 glibc-2.35.9000-6.fc37 glibc-2.35.9000-7.fc37 glibc-2.35.9000-8.fc37 glibc-2.35.9000-9.fc37

Comment 8 Carlos O'Donell 2022-04-21 19:43:00 UTC
Reopening. We should confirm the issue is fixed.

Comment 9 Carlos O'Donell 2022-05-03 13:51:59 UTC
318   __cmsg = (struct cmsghdr *) ((unsigned char *) __cmsg
319                                + CMSG_ALIGN (__cmsg->cmsg_len));
320   if ((unsigned char *) (__cmsg + 1) > ((unsigned char *) __mhdr->msg_control
321                                         + __mhdr->msg_controllen)
322       || ((unsigned char *) __cmsg + CMSG_ALIGN (__cmsg->cmsg_len)
323           > ((unsigned char *) __mhdr->msg_control + __mhdr->msg_controllen)))
324     /* No more entries.  */
325     return (struct cmsghdr *) 0;
326   return __cmsg;

In practice, lines 318+319 are all that is needed for this function when interacting with kernel code.

The subsequent checks need to be rewritten to do a pointer difference rather than adding and moving the pointer forward possibly beyond the end of the data.

You must compute if there is enough space to put the next control message header and rewrite with pointer arithmetic.

We need to keep the existing checks because code can depend on them, even if the implementation could be simplified to just return '__cmsg + __cmsg->cmsg_len' as a simple answer.
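
The difference-based form of the checks that Comment 9 describes, as an added example that is not part of the thread and is not glibc's code. `checked_cmsg_nxthdr`, `EX_ALIGN` and `demo_walk` are hypothetical names, the control buffer in `demo_walk` is constructed, and the helper assumes `cmsg` was obtained from `CMSG_FIRSTHDR` or a previous call, so it already lies inside the control buffer.

```c
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>

/* Same rounding as glibc's CMSG_ALIGN, spelled out to keep the block portable. */
#define EX_ALIGN(n) (((n) + sizeof(size_t) - 1) & ~(sizeof(size_t) - 1))

/* Hypothetical helper (not glibc's): next control message, or NULL.
   Assumes cmsg lies inside [msg_control, msg_control + msg_controllen]. */
struct cmsghdr *checked_cmsg_nxthdr(const struct msghdr *mhdr, struct cmsghdr *cmsg)
{
    unsigned char *cur = (unsigned char *)cmsg;
    /* Bytes from cmsg to the end of the buffer: a difference of two
       in-bounds pointers, so no pointer is ever formed past the end. */
    size_t remaining = mhdr->msg_controllen
                       - (size_t)(cur - (unsigned char *)mhdr->msg_control);
    size_t len = cmsg->cmsg_len;
    /* Stricter than the quoted code: a length shorter than a header would
       not advance the cursor; a length beyond the buffer is malformed. */
    if (len < sizeof(struct cmsghdr) || len > remaining)
        return NULL;
    size_t step = EX_ALIGN(len);   /* no wrap for a real buffer: len <= remaining */
    if (step > remaining || remaining - step < sizeof(struct cmsghdr))
        return NULL;               /* no room for another header (line 320) */
    size_t avail = remaining - step;
    struct cmsghdr *next = (struct cmsghdr *)(cur + step);
    size_t next_len = next->cmsg_len;   /* safe to read: the header fits in avail */
    if (next_len > avail || EX_ALIGN(next_len) > avail)
        return NULL;               /* counterpart of lines 322-323 */
    return next;
}

/* Walks a constructed two-slot control buffer; returns messages visited. */
int demo_walk(size_t first_len, size_t second_len)
{
    union { unsigned char buf[2 * CMSG_SPACE(sizeof(int))]; struct cmsghdr a; } u;
    struct msghdr mh;
    int n = 0;
    memset(&u, 0, sizeof u);
    memset(&mh, 0, sizeof mh);
    mh.msg_control = u.buf;
    mh.msg_controllen = sizeof u.buf;
    ((struct cmsghdr *)u.buf)->cmsg_len = first_len;
    ((struct cmsghdr *)(u.buf + CMSG_SPACE(sizeof(int))))->cmsg_len = second_len;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&mh); c; c = checked_cmsg_nxthdr(&mh, c))
        n++;
    return n;
}
```

Every comparison here is between `size_t` byte counts, so the compiler has no `P + C1` versus `P + C2` pointer comparison to reason about.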

Comment 12 Andreas Schneider 2022-07-21 05:48:07 UTC
I'm still running into this issue with Fedora 36!

Comment 13 Andreas Schneider 2022-07-21 05:52:28 UTC
In file included from /usr/include/sys/socket.h:33,
                 from /home/asn/workspace/projects/socket_wrapper/src/socket_wrapper.c:50,
                 from /home/asn/workspace/projects/socket_wrapper/tests/test_swrap_unit.c:10:
In function ‘__cmsg_nxthdr’,
    inlined from ‘test_sendmsg_cmsg’ at /home/asn/workspace/projects/socket_wrapper/tests/test_swrap_unit.c:73:9:
/usr/include/bits/socket.h:324:6: error: assuming pointer wraparound does not occur when comparing P +- C1 with P +- C2 [-Werror=strict-overflow]
  324 |   if ((unsigned char *) (__cmsg + 1) > ((unsigned char *) __mhdr->msg_control
      |      ^

Comment 14 Andreas Schneider 2022-08-04 07:28:33 UTC
This has been addressed upstream. Can we get a fix for this for Fedora 37?

Comment 16 Ben Cotton 2022-08-09 13:37:57 UTC
This bug appears to have been reported against 'rawhide' during the Fedora Linux 37 development cycle.
Changing version to 37.

Comment 17 Arjun Shankar 2022-08-16 13:25:45 UTC
Hi Andreas,

> This has been addressed upstream. Can we get a fix for this for Fedora 37?

Yes! We plan to fix this in f37, f26, and f35, starting with rawhide.

We recently had a glibc release upstream and were waiting for f37 to branch from rawhide so we can update rawhide again with the latest development branch. This is finally done. The header changes that should fix this in rawhide are in place since yesterday (glibc-2.36.9000-1.fc38).

Would you please issue a fresh socket_wrapper build in rawhide? That would be a good confirmation that this issue is closed out in rawhide. Once that goes through, I'll go ahead and backport this to upstream release branches and then into the recent Fedora releases I mentioned above.

Thanks!
Arjun

Comment 18 Arjun Shankar 2022-08-23 11:00:32 UTC
I tested this by issuing a scratch build in rawhide for socket_wrapper. Then I backported the fix to the relevant upstream release branches for f37, f36, and f35, and synced the Fedora releases to those branches. This should now be fixed in rawhide, f37, f36, and f35.

Comment 19 Fedora Update System 2022-08-23 11:18:09 UTC
FEDORA-2022-84e8c5efde has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-84e8c5efde

Comment 20 Fedora Update System 2022-08-23 11:18:12 UTC
FEDORA-2022-59a7796ddf has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2022-59a7796ddf

Comment 21 Fedora Update System 2022-08-24 18:43:52 UTC
FEDORA-2022-59a7796ddf has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-59a7796ddf`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-59a7796ddf

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 22 Fedora Update System 2022-08-24 20:12:36 UTC
FEDORA-2022-84e8c5efde has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-84e8c5efde`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-84e8c5efde

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 23 Fedora Update System 2022-08-24 20:40:41 UTC
FEDORA-2022-781669c384 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-781669c384`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-781669c384

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 24 Fedora Update System 2022-09-08 09:32:43 UTC
FEDORA-2022-403dca5e92 has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-403dca5e92`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-403dca5e92

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 25 Fedora Update System 2022-09-08 11:25:36 UTC
FEDORA-2022-27c04744e2 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-27c04744e2`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-27c04744e2

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 26 Fedora Update System 2022-09-08 12:09:02 UTC
FEDORA-2022-9471e772b5 has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-9471e772b5`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-9471e772b5

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 27 Andreas Schneider 2022-09-16 08:35:44 UTC
I missed the needinfo, sorry.

I can confirm that the error compiling socket_wrapper is gone!

