xmlconfig sha1 code has overflow and possible bug
8f48e7b1e991375f6b03fac09a4f4416eb2f1afc
Author: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer@amd.com>
Date: Mon Mar 16 10:49:45 2020 +0100
util/xmlconfig: add new sha1 application attribute
On an LTO build I'm seeing
In function ‘_mesa_sha1_format’,
inlined from ‘parseAppAttr’ at ../src/util/xmlconfig.c:806:17:
../src/util/mesa-sha1.c:50:11: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
50 | buf[i] = '\0';
| ^
../src/util/xmlconfig.c: In function ‘parseAppAttr’:
../src/util/xmlconfig.c:804:22: note: at offset 40 to object ‘sha1s’ with size 40 declared here
804 | char sha1s[40];
| ^
[1005/1148] Linking target src/egl/libEGL.so.1.0.0
In function ‘_mesa_sha1_format’,
inlined from ‘parseAppAttr’ at ../src/util/xmlconfig.c:806:17:
../src/util/mesa-sha1.c:50:11: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
50 | buf[i] = '\0';
| ^
../src/util/xmlconfig.c: In function ‘parseAppAttr’:
../src/util/xmlconfig.c:804:22: note: at offset 40 to object ‘sha1s’ with size 40 declared here
804 | char sha1s[40];
| ^
It looks like _mesa_sha1_format writes to byte 41, however the memcmp also looks wrong, since you compare SHA1_DIGEST_LENGTH when I think you mean to compare the SHA1_DIGEST_STRING_LENGTH.
Edited by Eric Engestrom