Improve security by avoiding buffer overflows

This patch adds compiler flags to improve the security of STX code. Flags added: Format string vulnerabilities: CFLAGS="-Wformat -Wformat-security" Compiler will treat string format warnings as errors, so at compiling level, buffer overflow is avoided. Story: 2004380 Task: 28823 Signed-off-by: Luis Botello <luis.botello.ortega@intel.com> Reviewed-by: Erich Cordoba <erich.cordoba.malibran@intel.com> Victor Rodriguez <vm.rod25@gmail.com> Suggested-by: Victor Rodriguez <vm.rod25@gmail.com> Erich Cordoba <erich.cordoba.malibran@intel.com> Change-Id: I45a0002288db434bc79c477c231f900e477347a1
2019-01-09 05:24:27 -06:00 · 2019-01-09 05:24:27 -06:00 · 196c036013
commit 196c036013
parent ff1b69302e
5 changed files with 12 additions and 11 deletions
--- a/service-mgmt/sm-1.0.0/src/Makefile
+++ b/service-mgmt/sm-1.0.0/src/Makefile
@ -120,7 +120,7 @@ SRCS+=sm_cluster_hbs_info_msg.cpp

 OBJS= $(SRCS:.c=.o)
 CCFLAGS= -g -O2 -Wall -Werror -Wformat  -std=c++11
-EXTRACCFLAGS= -D__STDC_FORMAT_MACROS
+EXTRACCFLAGS= -D__STDC_FORMAT_MACROS -Wformat -Wformat-security
 LDLIBS= -lsqlite3 -lglib-2.0 -luuid -lpthread -lrt -lsm_common -lsm_db -lfmcommon -ljson-c -lcrypto -lssl
 LDFLAGS = -rdynamic

--- a/service-mgmt/sm-1.0.0/src/sm_alarm_thread.c
+++ b/service-mgmt/sm-1.0.0/src/sm_alarm_thread.c
@ -1297,7 +1297,8 @@ static void sm_alarm_thread_audit( const char entity_instance[] )
        return;
    }

-    snprintf( fm_entity_instance_id, FM_MAX_BUFFER_LENGTH, entity_instance );
+    snprintf( fm_entity_instance_id, FM_MAX_BUFFER_LENGTH, "%s",
+              entity_instance );

    fm_error = fm_get_faults_wrapper( &fm_entity_instance_id, fm_alarm_data,
                                      &fm_total_alarms );
--- a/service-mgmt/sm-1.0.0/src/sm_configuration_table.c
+++ b/service-mgmt/sm-1.0.0/src/sm_configuration_table.c
@ -62,7 +62,7 @@ SmErrorT sm_configuration_table_get( const char* key, char* buf, unsigned int bu

    if( 0 != count )
    {
-        snprintf( buf, buf_size, value.value );
+        snprintf( buf, buf_size, "%s", value.value );
    }else
    {
        buf[0] = '\0';
--- a/service-mgmt/sm-common-1.0.0/src/Makefile
+++ b/service-mgmt/sm-common-1.0.0/src/Makefile
@ -15,9 +15,9 @@ SRCS+=sm_thread_health.c
 SRCS+=sm_utils.c
 SRCS+=sm_node_utils.c
 SRCS+=sm_node_stats.c
-SRCS+=sm_selobj.c 
-SRCS+=sm_time.c 
-SRCS+=sm_timer.c 
+SRCS+=sm_selobj.c
+SRCS+=sm_time.c
+SRCS+=sm_timer.c
 SRCS+=sm_netlink.c
 SRCS+=sm_hw.c
 SRCS+=sm_uuid.c
@ -28,7 +28,7 @@ SRCS+=sm_util_types.c
 OBJS = $(SRCS:.c=.o)
 CCFLAGS= -fPIC -g -O2 -Wall -Werror -std=c++11
 EXTRACCFLAGS= -D__STDC_FORMAT_MACROS -DSW_VERSION=\"$(SW_VERSION)\"
-
+EXTRACCFLAGS+= -Wformat -Wformat-security
 LDLIBS= -lsqlite3 -lglib-2.0 -lgmodule-2.0 -luuid -lrt -lpthread
 LDFLAGS = -shared -rdynamic

--- a/service-mgmt/sm-db-1.0.0/src/Makefile
+++ b/service-mgmt/sm-db-1.0.0/src/Makefile
@ -16,19 +16,19 @@ SRCS+=sm_db_service_domain_interfaces.c
 SRCS+=sm_db_service_domain_members.c
 SRCS+=sm_db_service_domain_neighbors.c
 SRCS+=sm_db_service_domain_assignments.c
-SRCS+=sm_db_service_groups.c 
+SRCS+=sm_db_service_groups.c
 SRCS+=sm_db_service_group_members.c
-SRCS+=sm_db_services.c 
+SRCS+=sm_db_services.c
 SRCS+=sm_db_service_heartbeat.c
 SRCS+=sm_db_service_dependency.c
 SRCS+=sm_db_service_instances.c
-SRCS+=sm_db_service_actions.c 
+SRCS+=sm_db_service_actions.c
 SRCS+=sm_db_service_action_results.c
 SRCS+=sm_db_build.c
 SRCS+=sm_db_configuration.c

 OBJS = $(SRCS:.c=.o)
-CCFLAGS= -fPIC -g -O2 -Wall -Werror -std=c++11
+CCFLAGS= -fPIC -g -O2 -Wall -Werror -std=c++11 -Wformat -Wformat-security
 EXTRACCFLAGS= -D__STDC_FORMAT_MACROS
 LDLIBS= -lsqlite3 -lglib-2.0 -luuid -lrt -lsm_common
 LDFLAGS = -shared -rdynamic