Potential sizeof vs. mem*() bugs

From: Pawel Worach <pawel.worach_at_gmail.com>
Date: Thu, 4 Aug 2011 13:20:46 +0200
Hi,

clang gained a new warning for checking the sizeof argument in memset / memcpy calls. This triggers a couple of times in the FreeBSD tree; here is a brief summary:

kerberos5/lib/libhx509/../../../crypto/heimdal/lib/hx509/cert.c:357:28: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
    memset(cert, 0, sizeof(cert));
           ~~~~            ^~~~
--
kerberos5/lib/libhx509/../../../crypto/heimdal/lib/hx509/cert.c:357:28: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
    memset(cert, 0, sizeof(cert));
           ~~~~            ^~~~
--
kerberos5/lib/libkrb5/../../../crypto/heimdal/lib/krb5/crypto.c:521:25: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
    memset(x, 0, sizeof(x));
           ~            ^
--
kerberos5/lib/libkrb5/../../../crypto/heimdal/lib/krb5/crypto.c:521:25: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
    memset(x, 0, sizeof(x));
           ~            ^
--
lib/libtelnet/../../contrib/telnet/libtelnet/sra.c:306:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
                memset(pass,0,sizeof(pass));
                       ~~~~          ^~~~
--
lib/libthread_db/arch/amd64/libpthread_md.c:95:48: warning: argument to 'sizeof' in 'memcpy' call is the same expression as the source; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memcpy(&uc->uc_mcontext.mc_fpstate, r, sizeof(r));
                                            ~         ^
lib/libthread_db/arch/amd64/libpthread_md.c:101:48: warning: argument to 'sizeof' in 'memcpy' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memcpy(r, &uc->uc_mcontext.mc_fpstate, sizeof(r));
               ~                                      ^
--
lib/libthread_db/arch/amd64/libpthread_md.c:95:48: warning: argument to 'sizeof' in 'memcpy' call is the same expression as the source; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memcpy(&uc->uc_mcontext.mc_fpstate, r, sizeof(r));
                                            ~         ^
lib/libthread_db/arch/amd64/libpthread_md.c:101:48: warning: argument to 'sizeof' in 'memcpy' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memcpy(r, &uc->uc_mcontext.mc_fpstate, sizeof(r));
               ~                                      ^
--
lib/bind/isc/../../../contrib/bind9/lib/isc/hmacsha.c:228:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(ctx, 0, sizeof(ctx));
               ~~~            ^~~
lib/bind/isc/../../../contrib/bind9/lib/isc/hmacsha.c:296:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(ctx, 0, sizeof(ctx));
               ~~~            ^~~
lib/bind/isc/../../../contrib/bind9/lib/isc/hmacsha.c:363:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(ctx, 0, sizeof(ctx));
               ~~~            ^~~
lib/bind/isc/../../../contrib/bind9/lib/isc/hmacsha.c:430:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(ctx, 0, sizeof(ctx));
               ~~~            ^~~
lib/bind/isc/../../../contrib/bind9/lib/isc/hmacsha.c:497:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(ctx, 0, sizeof(ctx));
               ~~~            ^~~
--
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:898:28: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(context, 0, sizeof(context));
               ~~~~~~~            ^~~~~~~
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:1211:28: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(context, 0, sizeof(context));
               ~~~~~~~            ^~~~~~~
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:1264:28: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(context, 0, sizeof(context));
               ~~~~~~~            ^~~~~~~
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:1295:29: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
                memset(context, 0, sizeof(context));
                       ~~~~~~~            ^~~~~~~
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:1334:29: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
                memset(context, 0, sizeof(context));
                       ~~~~~~~            ^~~~~~~
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:1373:29: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
                memset(context, 0, sizeof(context));
                       ~~~~~~~            ^~~~~~~
lib/bind/isc/../../../contrib/bind9/lib/isc/sha2.c:1412:29: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
                memset(context, 0, sizeof(context));
                       ~~~~~~~            ^~~~~~~
--
usr.sbin/bluetooth/sdpd/server.c:76:24: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
        memset(srv, 0, sizeof(srv));
               ~~~            ^~~
--
usr.sbin/bsnmpd/bsnmpd/../../../contrib/bsnmp/snmpd/main.c:2706:36: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to remove the addressof? [-Wsizeof-pointer-memaccess]
        memset(&snmpd_usmstats, 0, sizeof(&snmpd_usmstats));
               ~~~~~~~~~~~~~~~            ^~~~~~~~~~~~~~~
--
usr.bin/csup/auth.c:257:27: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
        memset(secret, 0, sizeof(secret));
               ~~~~~~            ^~~~~~
--
/data/buildslave/freebsd-clang-amd64/src-freebsd/usr.bin/opiekey/../../contrib/opie/opiekey.c:112:32: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
      memset(secret, 0, sizeof(secret));
             ~~~~~~            ^~~~~~
usr.bin/opiekey/../../contrib/opie/opiekey.c:118:32: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
      memset(secret, 0, sizeof(secret));
             ~~~~~~            ^~~~~~
usr.bin/opiekey/../../contrib/opie/opiekey.c:124:30: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
    memset(secret, 0, sizeof(secret));
           ~~~~~~            ^~~~~~
--
usr.sbin/wpa/wpa_passphrase/../../../contrib/wpa//src/crypto/md5-internal.c:191:30: warning: argument to 'sizeof' in 'memset' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
    os_memset(ctx, 0, sizeof(ctx));     /* In case it's sensitive */
    ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
--
usr.sbin/ypserv/yp_main.c:333:9: warning: argument to 'sizeof' in 'memcpy' call is the same pointer type 'struct sockaddr *' as the source; expected 'struct sockaddr' or an explicit length [-Wsizeof-pointer-memaccess]
                                    sizeof(res->ai_addr));
                                    ^~~~~~~~~~~~~~~~~~~~


-- 
Pawel
Received on Thu Aug 04 2011 - 09:50:13 UTC
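
The three hints in the warnings above (dereference it, provide an explicit length, remove the addressof) are variants of one bug: the length passed is the size of a pointer, so only the first 4 or 8 bytes are cleared or copied and the rest of the key or hash state stays in memory. The following is an added example, not part of the original post or the FreeBSD tree; `demo_ctx`, `demo_stats` and the function names are hypothetical stand-ins, and the data is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the structs and buffers named in the warnings. */
struct demo_ctx { unsigned char key[64]; unsigned long long bitcount; };
static struct demo_ctx demo_stats;        /* used by the "addressof" case */

/* Count the bytes that still hold data after a wipe. */
static size_t leftover(const void *p, size_t n)
{
    const unsigned char *b = p;
    size_t count = 0;
    for (size_t i = 0; i < n; i++)
        count += (b[i] != 0);
    return count;
}

/* Sizes are taken through a local so this file builds cleanly under -Werror;
 * written inline as memset(p, 0, sizeof(p)) they draw the warning. */

/* "did you mean to dereference it?": ctx is a pointer to a struct. */
size_t wipe_ctx(struct demo_ctx *ctx, int fixed)
{
    size_t n = fixed ? sizeof(*ctx) : sizeof(ctx);
    memset(ctx, 0xAA, sizeof(*ctx));      /* constructed "sensitive" state */
    memset(ctx, 0, n);
    return leftover(ctx, sizeof(*ctx));
}

/* "did you mean to provide an explicit length?": secret is a char pointer,
 * so no sizeof expression recovers the buffer size; it has to be passed in. */
size_t wipe_secret(char *secret, size_t len, int fixed)
{
    size_t n = fixed ? len : sizeof(secret);
    memset(secret, 'S', len);             /* constructed secret */
    memset(secret, 0, n);                 /* demo assumes len >= sizeof(char *) */
    return leftover(secret, len);
}

/* "did you mean to remove the addressof?": sizeof(&obj) is a pointer size. */
size_t wipe_stats(int fixed)
{
    size_t n = fixed ? sizeof(demo_stats) : sizeof(&demo_stats);
    memset(&demo_stats, 0xAA, sizeof(demo_stats));
    memset(&demo_stats, 0, n);
    return leftover(&demo_stats, sizeof(demo_stats));
}
```

When the buffer is shorter than a pointer, the same mistake writes past its end instead of under-clearing it. A correctly sized `memset` placed just before an object goes out of scope can still be removed by the optimizer, which is why `explicit_bzero` or `memset_s` is used for wiping secrets where available.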
