smb: silence -Warray-bounds with gcc 13+
#16187
Closed
+9
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The code look correct. The compiler gets confused by the `byte[1]`
struct member mapped into a memory buffer with a variable-sized
payload starting at this member. Perhaps there is a cleaner way
to silence this by changing the code.
First seen with gcc 13.2.0 in curl-for-win builds. Then with 13.2.1 and
the latest 14.2.0.
```
curl/lib/smb.c: In function 'smb_connection_state':
curl/lib/smb.c:895:5: warning: 'memcpy' offset [74, 80] from the object at 'buf' is out of the bounds of referenced subobject 'bytes' with type 'char[1]' at offset 73 [-Warray-bounds=]
895 | memcpy(smbc->challenge, nrsp->bytes, sizeof(smbc->challenge));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
curl/lib/smb.c:130:8: note: subobject 'bytes' declared here
130 | char bytes[1];
| ^~~~~
```
gcc 14.2.0 debian:testing musl riscv64: https://github.com/curl/curl/actions/runs/13157579253/job/36718140035?pr=16182#step:3:5576
gcc 13.2.1 alpine amd64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797582549#step:3:4869
gcc 13.2.0 debian:testing glibc aarch64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797581315#step:3:6054
gcc 13.2.0 debian:testing glibc amd64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797581315#step:3:10959
gcc 13.2.0 debian:sid glibc riscv64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797580697#step:3:6122
gcc 13.2.0 debian:sid musl riscv64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797583450#step:3:6227
``` C:/projects/curl/lib/smb.c(884,7): error : '__GNUC__' is not defined, evaluates to 0 [-Werror,-Wundef] [C:\projects\curl\_bld\lib\libcurl_object.vcxproj] C:/projects/curl/lib/smb.c(884,25): error : '__GNUC_MINOR__' is not defined, evaluates to 0 [-Werror,-Wundef] [C:\projects\curl\_bld\lib\libcurl_object.vcxproj] C:/projects/curl/lib/smb.c(891,7): error : '__GNUC__' is not defined, evaluates to 0 [-Werror,-Wundef] [C:\projects\curl\_bld\lib\libcurl_object.vcxproj] C:/projects/curl/lib/smb.c(891,25): error : '__GNUC_MINOR__' is not defined, evaluates to 0 [-Werror,-Wundef] [C:\projects\curl\_bld\lib\libcurl_object.vcxproj] ``` https://ci.appveyor.com/project/curlorg/curl/builds/51458284/job/0irksk2l5yhlqi90#L178
pps83
pushed a commit
to pps83/curl
that referenced
this pull request
Apr 26, 2025
The code look correct. The compiler gets confused by the `byte[1]`
struct member mapped into a memory buffer with a variable-sized
payload starting at this member. Perhaps there is a cleaner way
to silence this by changing the code.
First seen with gcc 13.2.0 in curl-for-win builds. Then with 13.2.1 and
the latest 14.2.0.
```
curl/lib/smb.c: In function 'smb_connection_state':
curl/lib/smb.c:895:5: warning: 'memcpy' offset [74, 80] from the object at 'buf' is out of the bounds of referenced subobject 'bytes' with type 'char[1]' at offset 73 [-Warray-bounds=]
895 | memcpy(smbc->challenge, nrsp->bytes, sizeof(smbc->challenge));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
curl/lib/smb.c:130:8: note: subobject 'bytes' declared here
130 | char bytes[1];
| ^~~~~
```
gcc 14.2.0 debian:testing musl riscv64: https://github.com/curl/curl/actions/runs/13157579253/job/36718140035?pr=16182#step:3:5576
gcc 13.2.1 alpine amd64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797582549#step:3:4869
gcc 13.2.0 debian:testing glibc aarch64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797581315#step:3:6054
gcc 13.2.0 debian:testing glibc amd64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797581315#step:3:10959
gcc 13.2.0 debian:sid glibc riscv64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797580697#step:3:6122
gcc 13.2.0 debian:sid musl riscv64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797583450#step:3:6227
Closes curl#16187
vszakats
added a commit
to vszakats/curl
that referenced
this pull request
Jul 25, 2025
Same case as in smb.c silenced earlier.
```
n file included from /home/runner/work/curl/curl/curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:184:
In function 'Curl_http_req_make',
inlined from 'Curl_http_proxy_create_CONNECT' at /home/runner/work/curl/curl/curl/lib/http_proxy.c:252:12:
/home/runner/work/curl/curl/curl/lib/http.c:4373:3: error: 'memcpy' offset [137, 142] from the object at 'req' is out of the bounds of referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
4373 | memcpy(req->method, method, m_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/runner/work/curl/curl/curl/lib/urldata.h:182,
from /home/runner/work/curl/curl/curl/lib/altsvc.c:32,
from /home/runner/work/curl/curl/curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:4:
/home/runner/work/curl/curl/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/home/runner/work/curl/curl/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527769182/job/46745369844?pr=18025#step:3:5798
Follow-up to 14f26f5 curl#16187
vszakats
added a commit
to vszakats/curl
that referenced
this pull request
Jul 25, 2025
Same case as in smb.c silenced earlier.
```
n file included from /home/runner/work/curl/curl/curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:184:
In function 'Curl_http_req_make',
inlined from 'Curl_http_proxy_create_CONNECT' at /home/runner/work/curl/curl/curl/lib/http_proxy.c:252:12:
/home/runner/work/curl/curl/curl/lib/http.c:4373:3: error: 'memcpy' offset [137, 142] from the object at 'req' is out of the bounds of referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
4373 | memcpy(req->method, method, m_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/runner/work/curl/curl/curl/lib/urldata.h:182,
from /home/runner/work/curl/curl/curl/lib/altsvc.c:32,
from /home/runner/work/curl/curl/curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:4:
/home/runner/work/curl/curl/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/home/runner/work/curl/curl/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527769182/job/46745369844?pr=18025#step:3:5798
Follow-up to 14f26f5 curl#16187
vszakats
added a commit
to vszakats/curl
that referenced
this pull request
Jul 25, 2025
Same case as in smb.c silenced earlier.
```
n file included from /home/runner/work/curl/curl/curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:184:
In function 'Curl_http_req_make',
inlined from 'Curl_http_proxy_create_CONNECT' at /home/runner/work/curl/curl/curl/lib/http_proxy.c:252:12:
/home/runner/work/curl/curl/curl/lib/http.c:4373:3: error: 'memcpy' offset [137, 142] from the object at 'req' is out of the bounds of referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
4373 | memcpy(req->method, method, m_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/runner/work/curl/curl/curl/lib/urldata.h:182,
from /home/runner/work/curl/curl/curl/lib/altsvc.c:32,
from /home/runner/work/curl/curl/curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:4:
/home/runner/work/curl/curl/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/home/runner/work/curl/curl/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527769182/job/46745369844?pr=18025#step:3:5798
Follow-up to 14f26f5 curl#16187
vszakats
added a commit
that referenced
this pull request
Jul 26, 2025
This became an issue after promoting curl compiler warnings to errors in
curl-for-win. The code is correct. It over-allocates a struct to store
variable sized data past its length. Similar code is present in
`lib/smb.c`, silenced earlier.
Seen in linux-musl-debian-testing-gcc curl-for-win builds, gcc 14.2.0,
RISC-V (but not amd64/aarch64), unity, debian:testing (trixie):
musl:
```
In file included from /curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:184:
In function 'Curl_http_req_make',
inlined from 'Curl_http_proxy_create_CONNECT' at /curl/lib/http_proxy.c:252:12:
/curl/lib/http.c:4373:3: error: 'memcpy' offset [137, 142] from the object at 'req' is out of the bounds of
referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
4373 | memcpy(req->method, method, m_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /curl/lib/urldata.h:182,
from /curl/lib/altsvc.c:32,
from /curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:4:
/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527769182/job/46745369844?pr=18025#step:3:5798
Ref: https://github.com/curl/curl-for-win/actions/runs/16525969694/job/46739239206#step:3:5958
glibc (with unity batch):
```
In file included from /usr/riscv64-linux-gnu/include/string.h:548,
from /curl/lib/curl_setup_once.h:33,
from /curl/lib/curl_setup.h:823,
from /curl/lib/http.c:25,
from /curl/_r64-linux-gnu-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_2_c.c:4:
In function 'memcpy',
inlined from 'Curl_http_req_make' at /curl/lib/http.c:4373:3,
inlined from 'Curl_http_proxy_create_CONNECT' at /curl/lib/http_proxy.c:252:12:
/usr/riscv64-linux-gnu/include/bits/string_fortified.h:29:10: error: '__builtin_memcpy' offset [137, 142]
from the object at 'req' is out of the bounds of
referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
29 | return __builtin___memcpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 | __glibc_objsize0 (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /curl/lib/urldata.h:182,
from /curl/lib/http.c:50:
/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl-for-win/actions/runs/16538174468/job/46775731055#step:3:5936
Ref: curl/curl-for-win@f45df09
Follow-up to 14f26f5 #16187
Cherry-picked from #18025
Closes #18030
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The code look correct. The compiler gets confused by the
byte[1]struct member mapped into a memory buffer with a variable-sized
payload starting at this member. Perhaps there is a cleaner way
to silence this by changing the code.
First seen with gcc 13.2.0 in curl-for-win builds. Then with 13.2.1 and
the latest 14.2.0.
gcc 14.2.0 debian:testing musl riscv64: https://github.com/curl/curl/actions/runs/13157579253/job/36718140035?pr=16182#step:3:5576
gcc 13.2.1 alpine amd64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797582549#step:3:4869
gcc 13.2.0 debian:testing glibc aarch64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797581315#step:3:6054
gcc 13.2.0 debian:testing glibc amd64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797581315#step:3:10959
gcc 13.2.0 debian:sid glibc riscv64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797580697#step:3:6122
gcc 13.2.0 debian:sid musl riscv64: https://github.com/curl/curl-for-win/actions/runs/9370491111/job/25797583450#step:3:6227