error: ‘%s’ directive output may be truncated writing up to 2511 bytes into a region of size between 875 and 966

[gijzelaerr]

Hi! When i try to compile libs3 on a clean Ubuntu 18.04 I run into troubles:

λ  make
build/obj/request.do: Compiling dynamic object
src/request.c: In function ‘setup_request’:
src/request.c:1056:74: error: ‘%s’ directive output may be truncated writing up to 2511 bytes into a region of size between 875 and 966 [-Werror=format-truncation=]
             "Authorization: AWS4-HMAC-SHA256 Credential=%s,SignedHeaders=%s,Signature=%s",
                                                                          ^~
In file included from /usr/include/stdio.h:862:0,
                 from /usr/include/libxml2/libxml/tree.h:15,
                 from /usr/include/libxml2/libxml/parser.h:16,
                 from src/request.c:32:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 70 and 2736 bytes into a destination of size 1024
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/request.c: In function ‘request_api_initialize’:
src/request.c:1448:51: error: ‘%s’ directive output may be truncated writing up to 64 bytes into a region of size between 31 and 96 [-Werror=format-truncation=]
         snprintf(platform, sizeof(platform), "%s%s%s", utsn.sysname,
                                                   ^~
                  utsn.machine[0] ? " " : "", utsn.machine);
                                              ~~~~
In file included from /usr/include/stdio.h:862:0,
                 from /usr/include/libxml2/libxml/tree.h:15,
                 from /usr/include/libxml2/libxml/parser.h:16,
                 from src/request.c:32:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 1 and 130 bytes into a destination of size 96
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/request.c: In function ‘S3_generate_authenticated_query_string’:
src/request.c:1745:14: error: ‘%s’ directive output may be truncated writing up to 2511 bytes into a region of size between 170 and 329 [-Werror=format-truncation=]
              "X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=%s"
              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/request.c:1749:14:
              computed.signedHeaders, computed.requestSignatureHex);
              ~~~~~~~~
src/request.c:1747:36: note: format string is defined here
              "&X-Amz-SignedHeaders=%s&X-Amz-Signature=%s",
                                    ^~
In file included from /usr/include/stdio.h:862:0,
                 from /usr/include/libxml2/libxml/tree.h:15,
                 from /usr/include/libxml2/libxml/parser.h:16,
                 from src/request.c:32:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 117 and 2851 bytes into a destination of size 428
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
GNUmakefile:223: recipe for target 'build/obj/request.do' failed
make: *** [build/obj/request.do] Error 1

[jharbott]

I did hit the same issue, seems the checks got stricter with the updated g++:

ubuntu@bionicle1:~/libs3$ g++ --version                                                                                                                                                                            
g++ (Ubuntu 7.3.0-16ubuntu3) 7.3.0                                                                                                                                                                                 
Copyright (C) 2017 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

ubuntu@bionicle1:~/libs3$

As a workaround you can just add an option to demote the error to a warning:

diff --git a/GNUmakefile b/GNUmakefile                                                                                                                                                                             
index c81537c..ab1324e 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -136,7 +136,7 @@ ifndef CFLAGS                                                                                                                                                                                  
     endif                                                                                                                                                                                                         
 endif
 
-CFLAGS += -Wall -Werror -Wshadow -Wextra \
+CFLAGS += -Wall -Werror -Wshadow -Wextra -Wno-format-truncation \
                  -Iinc \
           $(CURL_CFLAGS) $(LIBXML2_CFLAGS) \
           -DLIBS3_VER_MAJOR=\"$(LIBS3_VER_MAJOR)\" \

but in the long run better bounds checking might be needed.