bbac7c19e5
Using the system's provided arpa/tftp.h and optimizing, GCC 12 detects
and reports a stringop-overread warning:
tftpd.c: In function ‘write_behind.isra’:
tftpd.c:485:12: warning: ‘write’ reading between 1 and 2147483647 bytes from a region of size 0 [-Wstringop-overread]
485 | return write(test->ofile, writebuf, count);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from tftpd.c:71:
/usr/include/arpa/tftp.h:58:30: note: source object ‘tu_data’ of size 0
58 | char tu_data[0]; /* data or error string */
| ^~~~~~~
This occurs because writebuf points to this field and the latter
cannot be considered as being of dynamic length because it is not
the last field in the structure. Thus it is bound to its declared
size.
This commit always uses curl's own version of tftp.h where the
target field is last in its structure, effectively avoiding the
warning.
As HAVE_ARPA_TFTP_H is not used anymore, cmake/configure checks for
arpa/tftp.h are removed.
Closes #11897
|
||
|---|---|---|
| .circleci | ||
| .github | ||
| .reuse | ||
| CMake | ||
| docs | ||
| include | ||
| lib | ||
| LICENSES | ||
| m4 | ||
| packages | ||
| plan9 | ||
| projects | ||
| scripts | ||
| src | ||
| tests | ||
| winbuild | ||
| .azure-pipelines.yml | ||
| .cirrus.yml | ||
| .dcignore | ||
| .dir-locals.el | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| acinclude.m4 | ||
| appveyor.yml | ||
| buildconf | ||
| buildconf.bat | ||
| CHANGES | ||
| CMakeLists.txt | ||
| configure.ac | ||
| COPYING | ||
| curl-config.in | ||
| GIT-INFO | ||
| libcurl.def | ||
| libcurl.pc.in | ||
| MacOSX-Framework | ||
| Makefile.am | ||
| Makefile.dist | ||
| maketgz | ||
| README | ||
| README.md | ||
| RELEASE-NOTES | ||
| SECURITY.md | ||
Curl is a command-line tool for transferring data specified with URL syntax. Find out how to use curl by reading the curl.1 man page or the MANUAL document. Find out how to install Curl by reading the INSTALL document.
libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl.3 man page to learn how.
You can find answers to the most frequent questions we get in the FAQ document.
Study the COPYING file for distribution terms.
Contact
If you have problems, questions, ideas or suggestions, please contact us by posting to a suitable mailing list.
All contributors to the project are listed in the THANKS document.
Commercial support
For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.
Website
Visit the curl website for the latest news and downloads.
Git
To download the latest source from the Git server, do this:
git clone https://github.com/curl/curl.git
(you will get a directory named curl created, filled with the source code)
Security problems
Report suspected security problems via our HackerOne page and not in public.
Notice
Curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan. This notice is included here to comply with the distribution terms.
Backers
Thank you to all our backers! 🙏 Become a backer.
Sponsors
Support this project by becoming a sponsor.