2

I was trying to compile a kernel for my HTC phone when my compiler warned about this:

static ssize_t mipi_dsi_3d_barrier_read(struct device *dev,
                struct device_attribute *attr,
                char *buf)
{
    return snprintf((char *)buf, sizeof(buf), "%u\n", barrier_mode);
}

with the message

warning: argument to 'sizeof' in 'snprintf' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess] error, forbidden warning: mipi_novatek.c:524

I fixed a few like this already, as I understand that sizeof(buf) makes no sense, because buf is passed as an argument and therefore the compiler has no idea of the buffer size -even if you happen to pass a static buffer.

Thing is, after fixing a few like this, I am wondering if I am missing something. I downloaded the kernel from a github repository, with quite a few commits from the "original" htc kernel, and I could find these errors in both, so surely it compiled fine for others.

Am I missing or doing something wrong? I am using arm-none-eabi-gcc 4.8.2 from my ubuntu repository, instead of downloading from android.googlesource.com as advised. But regardless of the compiler, this is a bug, isn't it? Shouldn't you pass the buffer size as an extra argument?

EDIT Another such example in the same kernel...

struct msm_adsp_module *module;

...

if (!strncmp(module->name, "QCAMTASK", sizeof(module->name)))
    module_irq_cnt[1]++;
else if(!strncmp(module->name, "VFETASK", sizeof(module->name)))
    module_irq_cnt[2]++;
else if(!strncmp(module->name, "VIDEOENCTASK", sizeof(module->name)))
    module_irq_cnt[3]++;

where

struct msm_adsp_module {
    struct mutex lock;
    const char *name;
    ...
Luis de Arquer
  • 377
  • 2
  • 8
  • How did you fix this code? – M.M Oct 17 '16 at 21:33
  • Curious, why the cast in `(char *)buf`? Ah, I see it is not your code. – chux - Reinstate Monica Oct 17 '16 at 21:40
  • 1
    Note it's not "because buf is an argument" but rather "because buf is a pointer". – user253751 Oct 17 '16 at 23:54
  • @immibis Right, changed the title to make the post less confusing. – Luis de Arquer Oct 18 '16 at 17:33
  • @M.M Didn't fix anything really. It is a 32 bit architecture, so I replaced `sizeof(buf)` with `4`, with the hope of having exactly the same (adjectives here) behaviour than during whatever testing this kernel had, if any. I don't see a quick proper fix. Considered `sprintf` to avoid the warning, but that could bring its own legion of issues... – Luis de Arquer Oct 18 '16 at 17:42
  • OK. It might be a buffer overflow still, I guess you should check all the call sites to this function – M.M Oct 18 '16 at 19:57

1 Answers1

2

Oops, sorry, just missed it from this other thread, which makes the issue very clear

snprintf error. argument to sizeof is the same as destination

in gcc 4.8 documentation, they are talking about this issue: they say:

The behavior of -Wall has changed and now includes the new warning flag -Wsizeof-pointer-memaccess. This may result in new warnings in code that compiled cleanly with previous versions of GCC.

So I guess it surely is a bug, and others just happen to use older compilers. I just couldn't believe there was such code on production kernels...

Community
  • 1
  • 1
Luis de Arquer
  • 377
  • 2
  • 8