[Dnsmasq-discuss] gcc warnings during build

Simon Kelley simon at thekelleys.org.uk
Wed Sep 26 20:11:09 BST 2007

Jima wrote:
> Simon (et al),
>   Matt Domsch (who does periodic rebuilds of Fedora packages to offer early 
> warnings of failures) brought to my attention a couple of warnings 
> produced during the dnsmasq build process:
> http://linux.dell.com/files/fedora/FixBuildRequires/mock-results-core/x86_64/dnsmasq-2.40-1.fc8.src.rpm/result/build.log
>   Particularly, I think he's concerned with:
> dbus.c:115: warning: call to __builtin___memcpy_chk will always overflow destination buffer
>   As my C skills are pitiful at best (probably more like "atrocious" by 
> now), I defer to you.  False positive?  Very bad thing?  Whiny gcc? :-)

Real bug, at worst it will cause a memory overwrite and crash when the 
dbus interface is used to set an IPv6 address for a nameserver. In 
theory, that might be a security hole, _except_ that an attacker would 
already have to be root to use the DBus interface in the first place.

Since there's no security implication, and only very rarely used 
functionality is affected, I don't think there's any need to make a 
special release. I've fixed the 2.41 tree.

The other warnings are trivial, the deprecated function ones have 
already been fixed and I'll do the others just for completeness.

Thanks for passing these on.



More information about the Dnsmasq-discuss mailing list