In function ‘strncpy’,
inlined from ‘print_ehdr’ at readelf.c:1175:4:
error: ‘__builtin_strncpy’ specified bound 512 equals destination size
[-Werror=stringop-truncation]
strncpy doesn't terminate the copied string if there is not enough
room. We compensate later by explicitly adding a zero terminator at
buf[sizeof (buf) - 1]. Normally gcc does see this, but with
-fsanitize=address there is too much (checking) code in between. But
it is actually better to not let strncpy do too much work, so
substract one from the size.
Signed-off-by: Mark Wielaard <m...@klomp.org>
---
src/ChangeLog | 4 ++++
src/readelf.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index 05b2522d..263e9faa 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2021-12-04 Mark Wielaard <m...@klomp.org>
+
+ * readelf.c (print_ehdr): Pass sizeof (buf) - 1 to strncpy.
+
2021-10-20 John M Mellor-Crummey <joh...@rice.edu>
* readelf.c (print_debug_line_section): Try to read
diff --git a/src/readelf.c b/src/readelf.c
index c10038e3..93fb5989 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -1172,7 +1172,7 @@ print_ehdr (Ebl *ebl, GElf_Ehdr *ehdr)
(uint32_t) shdr->sh_link);
else
{
- strncpy (buf, _(" ([0] not available)"), sizeof (buf));
+ strncpy (buf, _(" ([0] not available)"), sizeof (buf) - 1);
buf[sizeof (buf) - 1] = '\0';
}
--
2.30.2
