[PATCH v2] hw/openrisc/openrisc_sim: Avoid buffer overflow build error

[PATCH v2] hw/openrisc/openrisc_sim: Avoid buffer overflow build error

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

Resolves this build breakage (which is actually a false-positive)

../hw/openrisc/openrisc_sim.c: In function ‘openrisc_sim_init’:
../hw/openrisc/openrisc_sim.c:284:45: error: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Werror=format-truncation=]
     snprintf(alias, sizeof(alias), "serial%d", uart_idx);
                                             ^
In file included from /usr/include/stdio.h:964:0,
                 from /data/qemu/include/qemu/osdep.h:114,
                 from ../hw/openrisc/openrisc_sim.c:21:
/usr/include/bits/stdio2.h:54:10: note: ‘__builtin___snprintf_chk’ output between 8 and 9 bytes into a destination of size 8
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __glibc_objsize (__s), __fmt,
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~

by using a modern, more robust allocation pattern.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---

Changes to v1 ("Avoid false-positive overflow warning")
 - switch to g_strdup_printf

 hw/openrisc/openrisc_sim.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/openrisc/openrisc_sim.c b/hw/openrisc/openrisc_sim.c
index 880c8ebbb8..b7d9cdd900 100644
--- a/hw/openrisc/openrisc_sim.c
+++ b/hw/openrisc/openrisc_sim.c
@@ -247,10 +247,10 @@ static void openrisc_sim_serial_init(Or1ksimState *state, hwaddr base,
                                      OpenRISCCPU *cpus[], int irq_pin,
                                      int uart_idx)
 {
+    g_autofree char *alias = g_strdup_printf("serial%d", uart_idx);
     void *fdt = state->fdt;
     char *nodename;
     qemu_irq serial_irq;
-    char alias[sizeof("serial0")];
     int i;
 
     if (num_cpus > 1) {
@@ -281,7 +281,6 @@ static void openrisc_sim_serial_init(Or1ksimState *state, hwaddr base,
         /* The /chosen node is created during fdt creation. */
         qemu_fdt_setprop_string(fdt, "/chosen", "stdout-path", nodename);
     }
-    snprintf(alias, sizeof(alias), "serial%d", uart_idx);
     qemu_fdt_setprop_string(fdt, "/aliases", alias, nodename);
 
     g_free(nodename);
-- 
2.51.0

Re: [PATCH v2] hw/openrisc/openrisc_sim: Avoid buffer overflow build error

[Peter Maydell]

On Thu, 16 Oct 2025 at 13:48, Jan Kiszka <jan.kiszka@siemens.com> wrote:
>
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> Resolves this build breakage (which is actually a false-positive)
>
> ../hw/openrisc/openrisc_sim.c: In function ‘openrisc_sim_init’:
> ../hw/openrisc/openrisc_sim.c:284:45: error: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Werror=format-truncation=]
>      snprintf(alias, sizeof(alias), "serial%d", uart_idx);
>                                              ^
> In file included from /usr/include/stdio.h:964:0,
>                  from /data/qemu/include/qemu/osdep.h:114,
>                  from ../hw/openrisc/openrisc_sim.c:21:
> /usr/include/bits/stdio2.h:54:10: note: ‘__builtin___snprintf_chk’ output between 8 and 9 bytes into a destination of size 8
>    return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
>           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>         __glibc_objsize (__s), __fmt,
>         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>         __va_arg_pack ());
>         ~~~~~~~~~~~~~~~~~
>
> by using a modern, more robust allocation pattern.
>
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM

Re: [PATCH v2] hw/openrisc/openrisc_sim: Avoid buffer overflow build error

[Philippe Mathieu-Daudé]

On 16/10/25 14:48, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> Resolves this build breakage (which is actually a false-positive)
> 
> ../hw/openrisc/openrisc_sim.c: In function ‘openrisc_sim_init’:
> ../hw/openrisc/openrisc_sim.c:284:45: error: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Werror=format-truncation=]
>       snprintf(alias, sizeof(alias), "serial%d", uart_idx);
>                                               ^
> In file included from /usr/include/stdio.h:964:0,
>                   from /data/qemu/include/qemu/osdep.h:114,
>                   from ../hw/openrisc/openrisc_sim.c:21:
> /usr/include/bits/stdio2.h:54:10: note: ‘__builtin___snprintf_chk’ output between 8 and 9 bytes into a destination of size 8
>     return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
>            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>          __glibc_objsize (__s), __fmt,
>          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>          __va_arg_pack ());
>          ~~~~~~~~~~~~~~~~~
> 
> by using a modern, more robust allocation pattern.
> 
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> 
> Changes to v1 ("Avoid false-positive overflow warning")
>   - switch to g_strdup_printf
> 
>   hw/openrisc/openrisc_sim.c | 3 +--
>   1 file changed, 1 insertion(+), 2 deletions(-)

Patch queued, thanks.