* [Buildroot] [PATCH 1/1] package/safeclib: fix build error with gcc 15.x
@ 2026-02-24 21:57 Bernd Kuhls
2026-03-01 21:28 ` Peter Korsgaard
0 siblings, 1 reply; 2+ messages in thread
From: Bernd Kuhls @ 2026-02-24 21:57 UTC (permalink / raw)
To: buildroot; +Cc: Fabrice Fontaine
This defconfig can be built without problems:
BR2_x86_64=y
BR2_GCC_VERSION_15_X=y
BR2_PACKAGE_SAFECLIB=y
However adding rocketlake as architecture variant
BR2_x86_64=y
BR2_x86_rocketlake=y
BR2_GCC_VERSION_15_X=y
BR2_PACKAGE_SAFECLIB=y
causes a build error:
str/vsnprintf_s.c: In function 'safec_ftoa.isra':
str/vsnprintf_s.c:523:24: error: writing 32 bytes into a region of size
31 [-Werror=stringop-overflow=]
523 | buf[len++] = '0';
with gcc 15.x only, gcc =< 14.x is not affected, reason unknown.
This commit adds two upstream commits which fix the problem.
No autobuilder error was recorded.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
...snprintf_s-Increase-Buffer-Size-by-1.patch | 47 +++++++++++++++++
...snprintf_s-Increase-Buffer-Size-by-1.patch | 50 +++++++++++++++++++
2 files changed, 97 insertions(+)
create mode 100644 package/safeclib/0001-vsnprintf_s-Increase-Buffer-Size-by-1.patch
create mode 100644 package/safeclib/0002-vsnprintf_s-Increase-Buffer-Size-by-1.patch
diff --git a/package/safeclib/0001-vsnprintf_s-Increase-Buffer-Size-by-1.patch b/package/safeclib/0001-vsnprintf_s-Increase-Buffer-Size-by-1.patch
new file mode 100644
index 0000000000..f99f56f08c
--- /dev/null
+++ b/package/safeclib/0001-vsnprintf_s-Increase-Buffer-Size-by-1.patch
@@ -0,0 +1,47 @@
+From f59a0c8c1b5cf19cd0ed7f9bfb3a1e85f54113d0 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Wed, 13 Aug 2025 20:23:48 -0700
+Subject: [PATCH] vsnprintf_s: Increase Buffer Size by 1
+
+It is a buffer overflow warning that GCC 15.2 is catching.
+The issue is that it's trying to write to `buf[len++]` when len could
+potentially be 31, which would write to buf[31] in a buffer of size 32
+(valid indices 0-31), but the len++ post-increment means it could
+theoretically write beyond the buffer bounds.
+
+Fixes
+
+../../sources/safec-3.9.1/src/str/vsnprintf_s.c: In function 'safec_ftoa.isra':
+../../sources/safec-3.9.1/src/str/vsnprintf_s.c:523:24: error: writing 32 bytes into a region of size 31 [-Werror=stringop-overflow=]
+ 523 | buf[len++] = '0';
+ | ~~~~~~~~~~~^~~~~
+../../sources/safec-3.9.1/src/str/vsnprintf_s.c:394:10: note: at offset [1, 32] into destination object 'buf' of size 32
+ 394 | char buf[PRINTF_FTOA_BUFFER_SIZE];
+ | ^~~
+cc1: all warnings being treated as errors
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Upstream: https://github.com/rurban/safeclib/commit/f59a0c8c1b5cf19cd0ed7f9bfb3a1e85f54113d0
+
+Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
+---
+ src/str/vsnprintf_s.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/str/vsnprintf_s.c b/src/str/vsnprintf_s.c
+index fa53ab42..0b62c3cb 100644
+--- a/src/str/vsnprintf_s.c
++++ b/src/str/vsnprintf_s.c
+@@ -391,7 +391,7 @@ static size_t safec_ftoa(out_fct_type out, const char *funcname, char *buffer,
+ size_t idx, size_t maxlen, double value,
+ unsigned int prec, unsigned int width,
+ unsigned int flags) {
+- char buf[PRINTF_FTOA_BUFFER_SIZE];
++ char buf[PRINTF_FTOA_BUFFER_SIZE + 1]; // Add extra byte for safety
+ size_t len = 0U, off = 0U;
+ double tmp;
+ double diff = 0.0;
+--
+2.47.3
+
diff --git a/package/safeclib/0002-vsnprintf_s-Increase-Buffer-Size-by-1.patch b/package/safeclib/0002-vsnprintf_s-Increase-Buffer-Size-by-1.patch
new file mode 100644
index 0000000000..4301426747
--- /dev/null
+++ b/package/safeclib/0002-vsnprintf_s-Increase-Buffer-Size-by-1.patch
@@ -0,0 +1,50 @@
+From 79e1445f4b3689526b46121b1218cab802b9ae88 Mon Sep 17 00:00:00 2001
+From: Bernd Kuhls <bernd@kuhls.net>
+Date: Sat, 10 Jan 2026 12:16:22 +0100
+Subject: [PATCH] vsnprintf_s: Increase Buffer Size by 1
+
+Another fix similar to https://github.com/rurban/safeclib/commit/f59a0c8c1b5cf19cd0ed7f9bfb3a1e85f54113d0
+
+In function 'safec_ntoa_format',
+ inlined from 'safec_ntoa_long' at str/vsnprintf_s.c:331:12:
+str/vsnprintf_s.c:256:24: error: writing 32 bytes into a region of size 0 [-Werror=stringop-overflow=]
+ 256 | buf[len++] = '0';
+ | ~~~~~~~~~~~^~~~~
+str/vsnprintf_s.c: In function 'safec_ntoa_long':
+str/vsnprintf_s.c:312:10: note: at offset 32 into destination object 'buf' of size 32
+ 312 | char buf[PRINTF_NTOA_BUFFER_SIZE];
+ | ^~~
+In function 'safec_ntoa_format',
+ inlined from 'safec_ntoa_long' at str/vsnprintf_s.c:331:12:
+str/vsnprintf_s.c:260:24: error: writing 32 bytes into a region of size 0 [-Werror=stringop-overflow=]
+ 260 | buf[len++] = '0';
+ | ~~~~~~~~~~~^~~~~
+str/vsnprintf_s.c: In function 'safec_ntoa_long':
+str/vsnprintf_s.c:312:10: note: at offset 32 into destination object 'buf' of size 32
+ 312 | char buf[PRINTF_NTOA_BUFFER_SIZE];
+ | ^~~
+cc1: all warnings being treated as errors
+
+Upstream: https://github.com/rurban/safeclib/commit/79e1445f4b3689526b46121b1218cab802b9ae88
+
+Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
+---
+ src/str/vsnprintf_s.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/str/vsnprintf_s.c b/src/str/vsnprintf_s.c
+index 0b62c3cb..cf8e866e 100644
+--- a/src/str/vsnprintf_s.c
++++ b/src/str/vsnprintf_s.c
+@@ -309,7 +309,7 @@ static size_t safec_ntoa_long(out_fct_type out, const char *funcname,
+ unsigned long value, bool negative,
+ unsigned long base, unsigned int prec,
+ unsigned int width, unsigned int flags) {
+- char buf[PRINTF_NTOA_BUFFER_SIZE];
++ char buf[PRINTF_NTOA_BUFFER_SIZE + 1];
+ size_t len = 0U;
+
+ // no hash for 0 values
+--
+2.47.3
+
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/safeclib: fix build error with gcc 15.x
2026-02-24 21:57 [Buildroot] [PATCH 1/1] package/safeclib: fix build error with gcc 15.x Bernd Kuhls
@ 2026-03-01 21:28 ` Peter Korsgaard
0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2026-03-01 21:28 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot, Fabrice Fontaine
>>>>> "Bernd" == Bernd Kuhls <bernd@kuhls.net> writes:
> This defconfig can be built without problems:
> BR2_x86_64=y
> BR2_GCC_VERSION_15_X=y
> BR2_PACKAGE_SAFECLIB=y
> However adding rocketlake as architecture variant
> BR2_x86_64=y
> BR2_x86_rocketlake=y
> BR2_GCC_VERSION_15_X=y
> BR2_PACKAGE_SAFECLIB=y
> causes a build error:
> str/vsnprintf_s.c: In function 'safec_ftoa.isra':
> str/vsnprintf_s.c:523:24: error: writing 32 bytes into a region of size
> 31 [-Werror=stringop-overflow=]
> 523 | buf[len++] = '0';
> with gcc 15.x only, gcc =< 14.x is not affected, reason unknown.
> This commit adds two upstream commits which fix the problem.
> No autobuilder error was recorded.
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Committed, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-03-01 21:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-24 21:57 [Buildroot] [PATCH 1/1] package/safeclib: fix build error with gcc 15.x Bernd Kuhls
2026-03-01 21:28 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox