pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Another build failure - security/clamav

		Hi Greg, pkgsrc-users@,

On 09/07/2017 18:21, Greg Troxel wrote:

Pierre Pronchery <> writes:

On 08/07/2017 00:36, Paul Goyette wrote:
Well, the issue with memtestplus is resolved, but now I'm getting the
following errors with clamav.

Looks like a problem with the 'gets' macro? [...]

This is because of FORTIFY indeed. I have an (ugly) patch for that
(attached). Thoughts?

[2. text/x-chdr; patch-libclamav_fmap.h]...

Thoughts: [...]

(I do not have enough time right now to reply to this, sorry)

  4) It seems like clamav shouldn't even use gets.

It doesn't, but it has a method called "gets()" in a specific class. FORTIFY uses macros to wrap known vulnerable function to an equivalent with boundary checking. Therefore here the pre-processor effectively shadows the class method with a macro of the same name, and the compiler gets confused, expecting something different :(

and on the patch itself:

  It would be nice to have a comment that explains what is actually
  going on.  I'm guessing that the code defines a macro that shadows the
  function, but it would be good to say that and explain why the undef
  doesn't hurt.

Yes, sorry - and you are right. As a side effect, the #undef will effectively disable the protection around gets() for any part of the code including this header. I think we can live with that.


Home | Main Index | Thread Index | Old Index