View Issue Details

IDProjectCategoryView StatusLast Update
0001072bareos-coreregression testingpublic2019-12-18 15:24
Reportertuxmaster Assigned Toarogge  
PrioritynormalSeverityblockReproducibilityalways
Status closedResolutionfixed 
Platformx86OSFedoraOS Version29
Summary0001072: 18.2.6 build error on tests
DescriptionThe build part for the test fails on Fedora >=29
BUILDSTDERR: /builddir/build/BUILD/bareos-Release-18.2.6/core/src/tests/lib_tests.cc: In function 'void do_get_name_from_hello_test(const char*, const char*, const string&, cons
t BareosVersionNumber&)':
BUILDSTDERR: /builddir/build/BUILD/bareos-Release-18.2.6/core/src/tests/lib_tests.cc:168:42: error: format not a string literal and no format arguments [-Werror=format-security]
BUILDSTDERR: sprintf(bashed_client_name, client_name);
BUILDSTDERR: ^
BUILDSTDERR: cc1plus: some warnings being treated as errors
make[2]: Leaving directory '/builddir/build/BUILD/bareos-Release-18.2.6/my-build'
BUILDSTDERR: make[2]: *** [core/src/tests/CMakeFiles/test_lib.dir/build.make:131: core/src/tests/CMakeFiles/test_lib.dir/lib_tests.cc.o] Error 1
BUILDSTDERR: make[1]: *** [CMakeFiles/Makefile2:686: core/src/tests/CMakeFiles/test_lib.dir/all] Error 2
BUILDSTDERR: make[1]: *** Waiting for unfinished jobs....
Additional InformationSee the build log for details.
Tagstest

Relationships

related to 0001152 closedarogge Release Bareos 18.2.7 

Activities

tuxmaster

tuxmaster

2019-03-31 12:55

reporter  

build.log (561,064 bytes)
arogge

arogge

2019-07-10 17:43

manager   ~0003435

We do not build with -Werror=format-security yet. Could you try without it?
Once we're sure it is this flag, we can try to make sure you can build with it.
tuxmaster

tuxmaster

2019-07-13 11:41

reporter  

bareos-format-security.patch (594 bytes)   
diff -Nuar bareos-Release-18.2.6.org/core/src/tests/lib_tests.cc bareos-Release-18.2.6/core/src/tests/lib_tests.cc
--- bareos-Release-18.2.6.org/core/src/tests/lib_tests.cc	2019-07-13 11:14:57.946726453 +0200
+++ bareos-Release-18.2.6/core/src/tests/lib_tests.cc	2019-07-13 11:27:00.945847448 +0200
@@ -165,7 +165,7 @@
                                         const BareosVersionNumber &version_test)
 {
   char bashed_client_name[20];
-  sprintf(bashed_client_name, client_name);
+  sprintf(bashed_client_name, "%s", client_name);
   BashSpaces(bashed_client_name);
 
   char output_text[64];
tuxmaster

tuxmaster

2019-07-13 11:41

reporter   ~0003459

Yes without it will compile.
But, the setting is security relevant and default since Fedora 28, I create an patch for it.
Here the documentation about the options:
https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/master/f/buildflags.md
https://fedoraproject.org/wiki/Format-Security-FAQ
I have tested the patch on build for centos7, fedora 29, fedora 30.
arogge

arogge

2019-07-15 09:57

manager   ~0003462

Add patches for CMakeLists.txt and for the problematic format string.
0001-cmake-treat-format-string-warnings-as-errors.patch (1,319 bytes)   
From ae348c6baa7e946b489f78f2749582f23da98dd2 Mon Sep 17 00:00:00 2001
From: Andreas Rogge <andreas.rogge@bareos.com>
Date: Mon, 15 Jul 2019 09:47:43 +0200
Subject: [PATCH 1/2] cmake: treat format-string warnings as errors

The build system for newer Fedoras does this by defaults
and it is probably a good idea to watch out for these, so
we enable -Wformat -Werror=format-security if the compiler
supports it.
---
 core/CMakeLists.txt | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/core/CMakeLists.txt b/core/CMakeLists.txt
index 9a1f7e2..c62fc8b 100644
--- a/core/CMakeLists.txt
+++ b/core/CMakeLists.txt
@@ -42,6 +42,16 @@ if (${compiler_will_suggest_override})
    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wsuggest-override")
 endif()
 
+# make format-security issues a compiler-error
+CHECK_CXX_COMPILER_FLAG(-Wformat compiler_format_security)
+if (${compiler_format_security})
+   set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wformat")
+endif()
+CHECK_CXX_COMPILER_FLAG(-Werror=format-security compiler_error_format_security)
+if (${compiler_error_format_security})
+   set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror=format-security")
+endif()
+
 # warn on sign-conversion
 #include(CheckCCompilerFlag)
 #CHECK_C_COMPILER_FLAG(-Wsign-conversion c_compiler_will_warn_sign_conversion)
-- 
1.8.3.1

0002-tests-fix-format-string-problem.patch (886 bytes)   
From a261dcd87ae978da4ff5e910dda8127097d04045 Mon Sep 17 00:00:00 2001
From: Andreas Rogge <andreas.rogge@bareos.com>
Date: Mon, 15 Jul 2019 09:52:29 +0200
Subject: [PATCH 2/2] tests: fix format-string problem

Fixes #1072: 18.2.6 build error on tests
---
 core/src/tests/lib_tests.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/tests/lib_tests.cc b/core/src/tests/lib_tests.cc
index f76cef3..fc7e7a5 100644
--- a/core/src/tests/lib_tests.cc
+++ b/core/src/tests/lib_tests.cc
@@ -186,7 +186,7 @@ static void do_get_name_from_hello_test(const char* client_string_fmt,
                                         const BareosVersionNumber& version_test)
 {
   char bashed_client_name[20];
-  sprintf(bashed_client_name, client_name);
+  strncpy(bashed_client_name, client_name, 20);
   BashSpaces(bashed_client_name);
 
   char output_text[64];
-- 
1.8.3.1

arogge

arogge

2019-07-15 09:58

manager   ~0003463

Can you please check whether my attached patches work for you (and maybe apply these to your branch to update the PR)?
Thank you.
tuxmaster

tuxmaster

2019-07-15 16:52

reporter   ~0003481

I have tried both patches from you, but both are rejected against the 18.2.6 source code. :(
arogge_adm

arogge_adm

2019-07-15 16:58

administrator   ~0003482

the patches are for master, you can adapt them for 18.2 yourself if you want.
tuxmaster

tuxmaster

2019-07-15 17:39

reporter   ~0003484

OK.
I have back ported both and tested it with 18.2.6.
They will work as expected, so I will add it to the RP.
So I think we can close this ticket.
arogge

arogge

2019-09-03 14:22

manager   ~0003568

Fix committed to bareos master branch with changesetid 11741.

Related Changesets

bareos: master 77dafb46

2019-07-14 11:55

tuxmaster5000

Ported: N/A

Details Diff
Fix for bareos bug 0001072 (-Werror=format-security) Affected Issues
0001072
mod - core/src/tests/lib_tests.cc Diff File

bareos: bareos-18.2 5220706f

2019-07-14 11:55

tuxmaster5000


Committer: arogge

Ported: N/A

Details Diff
Fix for bareos bug 0001072 (-Werror=format-security)

(cherry picked from commit 77dafb46b031bb760f118f15599b37d1f2db9d31)
Affected Issues
0001072
mod - core/src/tests/lib_tests.cc Diff File

bareos: master df5a1b39

2019-09-03 15:28

arogge


Committer: GitHub

Ported: N/A

Details Diff
Merge pull request 0000228 from tuxmaster5000/0001072

Fixes 0001072: Newer versions of Fedora use stricter code checking
Affected Issues
0001072
mod - core/CMakeLists.txt Diff File
mod - core/src/tests/lib_tests.cc Diff File

Issue History

Date Modified Username Field Change
2019-03-31 12:55 tuxmaster New Issue
2019-03-31 12:55 tuxmaster Tag Attached: test
2019-03-31 12:55 tuxmaster File Added: build.log
2019-07-10 17:43 arogge Assigned To => arogge
2019-07-10 17:43 arogge Status new => feedback
2019-07-10 17:43 arogge Note Added: 0003435
2019-07-10 17:43 arogge Assigned To arogge =>
2019-07-13 11:41 tuxmaster File Added: bareos-format-security.patch
2019-07-13 11:41 tuxmaster Note Added: 0003459
2019-07-13 11:41 tuxmaster Status feedback => new
2019-07-15 09:57 arogge File Added: 0001-cmake-treat-format-string-warnings-as-errors.patch
2019-07-15 09:57 arogge File Added: 0002-tests-fix-format-string-problem.patch
2019-07-15 09:57 arogge Note Added: 0003462
2019-07-15 09:58 arogge Assigned To => arogge
2019-07-15 09:58 arogge Status new => feedback
2019-07-15 09:58 arogge Note Added: 0003463
2019-07-15 16:52 tuxmaster Note Added: 0003481
2019-07-15 16:52 tuxmaster Status feedback => assigned
2019-07-15 16:58 arogge_adm Note Added: 0003482
2019-07-15 17:39 tuxmaster Note Added: 0003484
2019-09-03 14:22 arogge Changeset attached => bareos master df5a1b39
2019-09-03 14:22 Changeset attached => bareos master 77dafb46
2019-09-03 14:22 arogge Note Added: 0003568
2019-09-03 14:22 arogge Status assigned => resolved
2019-09-03 14:22 arogge Resolution open => fixed
2019-10-16 14:22 arogge Changeset attached => bareos bareos-18.2 5220706f
2019-12-12 13:29 arogge Relationship added related to 0001152
2019-12-18 15:24 arogge Status resolved => closed