Overview

File fix-build-with-D_FORTIFY_SOURCE-2.patch of Package iproute2.7171

From: Michal Kubecek <mkubecek@suse.cz>
Date: Fri, 15 Jan 2016 07:48:14 +0100
Subject: fix build with -D_FORTIFY_SOURCE=2
Patch-mainline: Never, SLE specific
References: bsc#719537

The ip command built with -D_FORTIFY_SOURCE=2 fails due to a
buffer overflow being detected (bnc#719537). This is a false
positive but we need to work around it to pass the TAHI test
suite.
---
 ip/xfrm_state.c | 29 ++++++++++++++++-------------
 1 file changed, 16 insertions(+), 13 deletions(-)

diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index b5734da2aa05..2dc9cb2c81dd 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -423,13 +423,16 @@ static int xfrm_state_modify(int cmd, unsigned flags, int argc, char **argv)
 						struct xfrm_algo_auth auth;
 					} u;
 					char buf[XFRM_ALGO_KEY_BUF_SIZE];
-				} alg = {};
+				} *alg;
 				int len;
 				__u32 icvlen, trunclen;
 				char *name;
 				char *key = "";
 				char *buf;
 
+				alg = alloca(sizeof(*alg) + XFRM_ALGO_KEY_BUF_SIZE);
+				memset(alg, 0, sizeof(*alg) + XFRM_ALGO_KEY_BUF_SIZE);
+
 				switch (type) {
 				case XFRMA_ALG_AEAD:
 					if (ealgop || aalgop || aeadop)
@@ -474,8 +477,8 @@ static int xfrm_state_modify(int cmd, unsigned flags, int argc, char **argv)
 					break;
 				}
 
-				buf = alg.u.alg.alg_key;
-				len = sizeof(alg.u.alg);
+				buf = alg->u.alg.alg_key;
+				len = sizeof(alg->u.alg);
 
 				switch (type) {
 				case XFRMA_ALG_AEAD:
@@ -485,10 +488,10 @@ static int xfrm_state_modify(int cmd, unsigned flags, int argc, char **argv)
 					if (get_u32(&icvlen, *argv, 0))
 						invarg("ALGO-ICV-LEN value is invalid",
 						       *argv);
-					alg.u.aead.alg_icv_len = icvlen;
+					alg->u.aead.alg_icv_len = icvlen;
 
-					buf = alg.u.aead.alg_key;
-					len = sizeof(alg.u.aead);
+					buf = alg->u.aead.alg_key;
+					len = sizeof(alg->u.aead);
 					break;
 				case XFRMA_ALG_AUTH_TRUNC:
 					if (!NEXT_ARG_OK())
@@ -497,19 +500,19 @@ static int xfrm_state_modify(int cmd, unsigned flags, int argc, char **argv)
 					if (get_u32(&trunclen, *argv, 0))
 						invarg("ALGO-TRUNC-LEN value is invalid",
 						       *argv);
-					alg.u.auth.alg_trunc_len = trunclen;
+					alg->u.auth.alg_trunc_len = trunclen;
 
-					buf = alg.u.auth.alg_key;
-					len = sizeof(alg.u.auth);
+					buf = alg->u.auth.alg_key;
+					len = sizeof(alg->u.auth);
 					break;
 				}
 
-				xfrm_algo_parse((void *)&alg, type, name, key,
-						buf, sizeof(alg.buf));
-				len += alg.u.alg.alg_key_len;
+				xfrm_algo_parse((void *)alg, type, name, key,
+						buf, sizeof(alg->buf));
+				len += alg->u.alg.alg_key_len;
 
 				addattr_l(&req.n, sizeof(req.buf), type,
-					  (void *)&alg, len);
+					  (void *)alg, len);
 				break;
 			}
 			default:
-- 
2.7.0
openSUSE Build Service is sponsored by
Places