FS#3491 - umDNS fails to compile with GCC10 possible CVE

[openwrt-bot]

ByteEnable:

A warning (treated as error) is emitted from GCC10 when compiling umDNS (object at 'b' is out of the bounds). This could also turn into a CVE.

[ 40%] Building C object CMakeFiles/umdns-lib.dir/service.c.o
/home/ByteEnable/temp/openwrt-master/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-10.2.0_musl_eabi/bin/arm-openwrt-linux-muslgnueabi-gcc -Os -pipe -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -mfloat-abi=hard -fmacro-prefix-map=/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98=umdns-2020-10-26-59e4fc98 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include -DNDEBUG -Os -ggdb -Wall -Werror --std=gnu99 -Wmissing-declarations -o CMakeFiles/umdns-lib.dir/service.c.o -c /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c
/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c: In function 'service_load_blob':
/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c:242:10: error: 'strncpy' offset 6 from the object at 'b' is out of the bounds of referenced subobject 'name' with type 'uint8_t[]' {aka 'unsigned char[]'} at offset 6 [-Werror=array-bounds]
242 | s->id = strncpy(d_id, blobmsg_name(b), n);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include/libubus.h:23,
from /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/service.c:23:
/home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/include/libubox/blobmsg.h:43:10: note: subobject 'name' declared here
43 | uint8_t name[];
| ^~~~
cc1: all warnings being treated as errors
make[6]: *** [CMakeFiles/umdns-lib.dir/build.make:121: CMakeFiles/umdns-lib.dir/service.c.o] Error 1
make[6]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[5]: *** [CMakeFiles/Makefile2:124: CMakeFiles/umdns-lib.dir/all] Error 2
make[5]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[4]: *** [Makefile:149: all] Error 2
make[4]: Leaving directory '/home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98'
make[3]: *** [Makefile:50: /home/ByteEnable/temp/openwrt-master/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/umdns-2020-10-26-59e4fc98/.built] Error 2
make[3]: Leaving directory '/home/ByteEnable/temp/openwrt-master/package/network/services/umdns'
time: package/network/services/umdns/compile#0.64#0.16#0.00
ERROR: package/network/services/umdns failed to build.
make[2]: *** [package/Makefile:114: package/network/services/umdns/compile] Error 1
make[2]: Leaving directory '/home/ByteEnable/temp/openwrt-master'
make[1]: *** [package/Makefile:108: /home/ByteEnable/temp/openwrt-master/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/home/ByteEnable/temp/openwrt-master'
make: *** [/home/ByteEnable/temp/openwrt-master/include/toplevel.mk:242: world] Error 2


[openwrt-bot]

kirelagin:

I think this was fixed with b777a0b53f7d89ab2a60e3eed7d98036806da9a4?

[protectivedad]

It is. This is also a duplicate of FS#3237.