RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-07 05:11:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

libsepol/cil: silence GCC 12 array-bounds false positive

Browse Source 
GCC 12 produces an array-bounds warning:

    In file included from ../include/sepol/policydb/context.h:23,
                     from ../include/sepol/policydb/policydb.h:62,
                     from ../cil/src/cil_binary.c:41:
    In function ‘mls_level_init’,
        inlined from ‘mls_level_destroy’ at ../include/sepol/policydb/mls_types.h:99:2,
        inlined from ‘mls_level_destroy’ at ../include/sepol/policydb/mls_types.h:92:20,
        inlined from ‘mls_range_destroy’ at ../include/sepol/policydb/mls_types.h:149:2,
        inlined from ‘cil_rangetransition_to_policydb’ at ../cil/src/cil_binary.c:3231:6:
    ../include/sepol/policydb/mls_types.h:89:9: error: ‘memset’ offset [0, 23] is out of the bounds [0, 0] [-Werror=array-bounds]
       89 |         memset(level, 0, sizeof(mls_level_t));
          |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ../include/sepol/policydb/mls_types.h:89:9: error: ‘memset’ offset [0, 23] is out of the bounds [0, 0] [-Werror=array-bounds]
    cc1: all warnings being treated as errors

This is a false positive, by inspecting the code and compiling with -O3
and -flto.

Closes: https://github.com/SELinuxProject/selinux/issues/339

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
Christian Göttsche 2022-03-31 16:43:43 +02:00 committed by Petr Lautrbach
parent c7a3b93e31
commit 5d3c4430ee
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
libsepol/cil/src/cil_binary.c
View File

@ -3222,7 +3222,16 @@ int cil_rangetransition_to_policydb(policydb_t *pdb, const struct cil_db *db, st
} else {
cil_log(CIL_ERR, "Out of memory\n");
}
// TODO: add upper version bound once fixed in upstream GCC
#if defined(__GNUC__) && (__GNUC__ >= 12)
# pragma GCC diagnostic push
# pragma GCC diagnostic ignored "-Warray-bounds"
# pragma GCC diagnostic ignored "-Wstringop-overflow"
#endif
mls_range_destroy(newdatum);
#if defined(__GNUC__) && (__GNUC__ >= 12)
# pragma GCC diagnostic pop
#endif
free(newdatum);
free(newkey);
if (rc != SEPOL_OK) {