mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2024-11-17 10:01:01 +03:00
7584fbe846
Coverity found a bug in `zfs_secpolicy_create_clone()` where it is
possible for us to pass an unterminated string when `zfs_get_parent()`
returns an error. Upon inspection, it is clear that using `strlcpy()`
would have avoided this issue.
Looking at the codebase, there are a number of other uses of `strncpy()`
that are unsafe and even when it is used safely, switching to
`strlcpy()` would make the code more readable. Therefore, we switch all
instances where we use `strncpy()` to use `strlcpy()`.
Unfortunately, we do not portably have access to `strlcpy()` in
tests/zfs-tests/cmd/zfs_diff-socket.c because it does not link to
libspl. Modifying the appropriate Makefile.am to try to link to it
resulted in an error from the naming choice used in the file. Trying to
disable the check on the file did not work on FreeBSD because Clang
ignores `#undef` when a definition is provided by `-Dstrncpy(...)=...`.
We workaround that by explictly including the C file from libspl into
the test. This makes things build correctly everywhere.
We add a deprecation warning to `config/Rules.am` and suppress it on the
remaining `strncpy()` usage. `strlcpy()` is not portably avaliable in
tests/zfs-tests/cmd/zfs_diff-socket.c, so we use `snprintf()` there as a
substitute.
This patch does not tackle the related problem of `strcpy()`, which is
even less safe. Thankfully, a quick inspection found that it is used far
more correctly than strncpy() was used. A quick inspection did not find
any problems with `strcpy()` usage outside of zhack, but it should be
said that I only checked around 90% of them.
Lastly, some of the fields in kstat_t varied in size by 1 depending on
whether they were in userspace or in the kernel. The origin of this
discrepancy appears to be 04a479f706
where
it was made for no apparent reason. It conflicts with the comment on
KSTAT_STRLEN, so we shrink the kernel field sizes to match the userspace
field sizes.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #13876
86 lines
3.9 KiB
Plaintext
86 lines
3.9 KiB
Plaintext
#
|
|
# Default build rules for all user space components, every Makefile.am
|
|
# should include these rules and override or extend them as needed.
|
|
#
|
|
|
|
PHONY =
|
|
AM_CPPFLAGS = \
|
|
-include $(top_builddir)/zfs_config.h \
|
|
-I$(top_builddir)/include \
|
|
-I$(top_srcdir)/include \
|
|
-I$(top_srcdir)/module/icp/include \
|
|
-I$(top_srcdir)/lib/libspl/include \
|
|
-I$(top_srcdir)/lib/libspl/include/os/@ac_system_l@
|
|
|
|
AM_LIBTOOLFLAGS = --silent
|
|
|
|
AM_CFLAGS = -std=gnu99 -Wall -Wextra -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings -Wno-sign-compare -Wno-missing-field-initializers
|
|
AM_CFLAGS += -fno-strict-aliasing
|
|
AM_CFLAGS += $(NO_OMIT_FRAME_POINTER)
|
|
AM_CFLAGS += $(IMPLICIT_FALLTHROUGH)
|
|
AM_CFLAGS += $(DEBUG_CFLAGS)
|
|
AM_CFLAGS += $(ASAN_CFLAGS)
|
|
AM_CFLAGS += $(UBSAN_CFLAGS)
|
|
AM_CFLAGS += $(CODE_COVERAGE_CFLAGS) $(NO_FORMAT_ZERO_LENGTH)
|
|
if BUILD_FREEBSD
|
|
AM_CFLAGS += -fPIC -Werror -Wno-unknown-pragmas -Wno-enum-conversion
|
|
AM_CFLAGS += -include $(top_srcdir)/include/os/freebsd/spl/sys/ccompile.h
|
|
AM_CFLAGS += -I/usr/include -I/usr/local/include
|
|
endif
|
|
|
|
AM_CPPFLAGS += -D_GNU_SOURCE
|
|
AM_CPPFLAGS += -D_REENTRANT
|
|
AM_CPPFLAGS += -D_FILE_OFFSET_BITS=64
|
|
AM_CPPFLAGS += -D_LARGEFILE64_SOURCE
|
|
AM_CPPFLAGS += -DLIBEXECDIR=\"$(libexecdir)\"
|
|
AM_CPPFLAGS += -DRUNSTATEDIR=\"$(runstatedir)\"
|
|
AM_CPPFLAGS += -DSBINDIR=\"$(sbindir)\"
|
|
AM_CPPFLAGS += -DSYSCONFDIR=\"$(sysconfdir)\"
|
|
AM_CPPFLAGS += -DPKGDATADIR=\"$(pkgdatadir)\"
|
|
AM_CPPFLAGS += $(DEBUG_CPPFLAGS)
|
|
AM_CPPFLAGS += $(CODE_COVERAGE_CPPFLAGS)
|
|
AM_CPPFLAGS += -DTEXT_DOMAIN=\"zfs-@ac_system_l@-user\"
|
|
|
|
AM_CPPFLAGS_NOCHECK = -D"strtok(...)=strtok(__VA_ARGS__) __attribute__((deprecated(\"Use strtok_r(3) instead!\")))"
|
|
AM_CPPFLAGS_NOCHECK += -D"__xpg_basename(...)=__xpg_basename(__VA_ARGS__) __attribute__((deprecated(\"basename(3) is underspecified. Use zfs_basename() instead!\")))"
|
|
AM_CPPFLAGS_NOCHECK += -D"basename(...)=basename(__VA_ARGS__) __attribute__((deprecated(\"basename(3) is underspecified. Use zfs_basename() instead!\")))"
|
|
AM_CPPFLAGS_NOCHECK += -D"dirname(...)=dirname(__VA_ARGS__) __attribute__((deprecated(\"dirname(3) is underspecified. Use zfs_dirnamelen() instead!\")))"
|
|
AM_CPPFLAGS_NOCHECK += -D"bcopy(...)=__attribute__((deprecated(\"bcopy(3) is deprecated. Use memcpy(3)/memmove(3) instead!\"))) bcopy(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"bcmp(...)=__attribute__((deprecated(\"bcmp(3) is deprecated. Use memcmp(3) instead!\"))) bcmp(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"bzero(...)=__attribute__((deprecated(\"bzero(3) is deprecated. Use memset(3) instead!\"))) bzero(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"asctime(...)=__attribute__((deprecated(\"Use strftime(3) instead!\"))) asctime(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"asctime_r(...)=__attribute__((deprecated(\"Use strftime(3) instead!\"))) asctime_r(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"gmtime(...)=__attribute__((deprecated(\"gmtime(3) isn't thread-safe. Use gmtime_r(3) instead!\"))) gmtime(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"localtime(...)=__attribute__((deprecated(\"localtime(3) isn't thread-safe. Use localtime_r(3) instead!\"))) localtime(__VA_ARGS__)"
|
|
AM_CPPFLAGS_NOCHECK += -D"strncpy(...)=__attribute__((deprecated(\"strncpy(3) is deprecated. Use strlcpy(3) instead!\"))) strncpy(__VA_ARGS__)"
|
|
|
|
AM_CPPFLAGS += $(AM_CPPFLAGS_NOCHECK)
|
|
|
|
if ASAN_ENABLED
|
|
AM_CPPFLAGS += -DZFS_ASAN_ENABLED
|
|
endif
|
|
|
|
if UBSAN_ENABLED
|
|
AM_CPPFLAGS += -DZFS_UBSAN_ENABLED
|
|
endif
|
|
|
|
AM_LDFLAGS = $(DEBUG_LDFLAGS)
|
|
AM_LDFLAGS += $(ASAN_LDFLAGS)
|
|
AM_LDFLAGS += $(UBSAN_LDFLAGS)
|
|
|
|
if BUILD_FREEBSD
|
|
AM_LDFLAGS += -fstack-protector-strong -shared
|
|
AM_LDFLAGS += -Wl,-x -Wl,--fatal-warnings -Wl,--warn-shared-textrel
|
|
AM_LDFLAGS += -lm
|
|
endif
|
|
|
|
|
|
# If a target includes kernel code, generate warnings for large stack frames
|
|
KERNEL_CFLAGS = $(FRAME_LARGER_THAN)
|
|
|
|
# See https://debbugs.gnu.org/cgi/bugreport.cgi?bug=54020
|
|
LIBRARY_CFLAGS = -no-suppress
|
|
|
|
# Forcibly enable asserts/debugging for libzpool &al.
|
|
FORCEDEBUG_CPPFLAGS = -DDEBUG -UNDEBUG -DZFS_DEBUG
|