yubihsm-shell icon indicating copy to clipboard operation
yubihsm-shell copied to clipboard

Published 20 hours ago verified publisher icon Yubico

tests: Fix untermined string initializaions

Open Jakuje opened this issue 10 months ago • 5 comments

The new GCC 15 reports error when the string initializers overflow the size of the underlying structure. This is common when the byte strings are constructed in quotes such as "\xBB" as such this string has trailing null byte and therefore the size two.

This is not an issue in the tests as they do not expect the string to be NULL terminated, but it might uncover issues in other cases.

Example of the error:

/builddir/build/BUILD/yubihsm-shell-2.6.0-build/yubihsm-shell-2.6.0/pkcs11/tests/aes_encrypt_test.c:38:3: error: initializer-string for array of ‘unsigned char’ is too long [-Werror=unterminated-string-initialization]
   38 |   "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some cases are easy to rewrite to byte list, some places already had suspicious +1 in the buffers to accommodate this and for string where really a strlen is expected, I tried to change it that way. Let me know if this works for you or there is something to improve.

Untested with HW.

Jakuje avatar Feb 05 '25 13:02 Jakuje

Would you mind rebasing this on master, to get CI to run correctly. Thanks.

qpernil avatar Feb 05 '25 17:02 qpernil

Would you mind rebasing this on master, to get CI to run correctly. Thanks.

I see this commit directly on top of current master on my end and also github thinks so:

This branch is 1 commit ahead of Yubico/yubihsm-shell:master.

https://github.com/Jakuje/yubihsm-shell/tree/gcc15

Or is there something else I should look into?

Jakuje avatar Feb 05 '25 18:02 Jakuje

Sorry I didn't check closely enough, we had very similar failures just before this caused by an expired certificate, so I assumed you hadn't rebased on top of the fix for that. But when I check properly I see your failures are because of lack of access to a git secret for external PRs. I will run tests manually instead.

qpernil avatar Feb 06 '25 11:02 qpernil

Running tests against HW succeeds.

qpernil avatar Feb 06 '25 12:02 qpernil

Thanks for the contribution, I have approved it. I always thought it a bit strange that string literals were silently truncated when (only) the trailing null was overflowing. Apparently GCC 15 has had enough of such nonsense :-)

qpernil avatar Feb 06 '25 12:02 qpernil