Compilation fails with --disable-werror #2592

ffontaine · 2018-09-07T21:08:01Z

When building lxc with --disable-werror, gnu11 is not added in CLFAGS, moreover lxc does not add gnu99 so compilation fails on:

In file included from ./utils.h:48:0,
                 from cgroups/cgfsng.c:59:
cgroups/cgfsng.c: In function 'lxc_cpumask':
./macro.h:135:2: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
  for (char *__p = NULL, *__it = strtok_r(__splitme, __separators, &__p)

I would be happy to send a PR to add gnu99 if werror is disabled but I'm not sure that this is what is intended. Indeed, I found conflicting information on the minimum gcc version required by lxc:

In the commit message 81a56e8, it is mentioned "We can't really support anything less than gcc-4.8 anyway."
But in this one 9b5724c, it mentions gnu99 and forbids only gcc version below 4.6 (excluded)

The text was updated successfully, but these errors were encountered:

brauner · 2018-09-08T13:28:43Z

The compiler.h header is the authority as to what gcc version we support. :)
And yes, please do send a patch to fix the disable case and add gnu11 to the cflags. Thanks!

Fix #2592 by defining -Wvla -std=gnu11 even if --disable-werror is set As -std=gnu11 is always set, bump requirement on gcc from 4.6 to 4.7 (see https://gcc.gnu.org/projects/cxx-status.html#cxx11) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

This bump also includes the fix for CVE-2018-6556 released in 3.0.2 via commit "CVE 2018-6556: verify netns fd in lxc-user-nic": lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path: lxc/lxc@c1cf54e This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Also add a dependency on gcc >= 4.7 (lxc/lxc#2592) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

This bump also includes the fix for CVE-2018-6556 released in 3.0.2 via commit "CVE 2018-6556: verify netns fd in lxc-user-nic": lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path: lxc/lxc@c1cf54e This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Also add a dependency on gcc >= 4.7 (lxc/lxc#2592) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit df6a01a) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ffontaine mentioned this issue Sep 8, 2018

lxc: fix build with --disable-werror #2594

Merged

brauner closed this as completed in #2594 Sep 8, 2018

ganto mentioned this issue Sep 16, 2018

lxc-3.0.2 fails to build on CentOS 7 with "error: 'for' loop initial declarations are only allowed in C99 mode" #2615

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Compilation fails with --disable-werror #2592

Compilation fails with --disable-werror #2592

ffontaine commented Sep 7, 2018

brauner commented Sep 8, 2018

Compilation fails with --disable-werror #2592

Compilation fails with --disable-werror #2592

Comments

ffontaine commented Sep 7, 2018

brauner commented Sep 8, 2018