From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,
	T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 3737 invoked from network); 22 Jun 2022 13:19:18 -0000
Received: from mother.openwall.net (195.42.179.200)
  by inbox.vuxu.org with ESMTPUTF8; 22 Jun 2022 13:19:18 -0000
Received: (qmail 22164 invoked by uid 550); 22 Jun 2022 13:19:14 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 22126 invoked from network); 22 Jun 2022 13:19:13 -0000
Date: Wed, 22 Jun 2022 09:19:00 -0400
From: Rich Felker <dalias@libc.org>
To: He X <xw897002528@gmail.com>
Cc: musl@lists.openwall.com
Message-ID: <20220622131859.GM7074@brightrain.aerifal.cx>
References: <CAPG2z0_sSXmZ57KZczqL6nAbnLP7py35ka09QCMMe_5eOe=0Dw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAPG2z0_sSXmZ57KZczqL6nAbnLP7py35ka09QCMMe_5eOe=0Dw@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [musl] g++ fpermissive compilation error for strdupa

On Wed, Jun 22, 2022 at 04:05:20PM +0800, He X wrote:
> Hi!
> 
> Since *alloca* will return *void**, g++ will report error(*-fpermissive,
> invalid conversion from void* to char**), if you do *strcpy(alloca(32),
> str)*, which is the definition of *strdupa* on musl. I've patched it by
> type casting to fix the build of bazel. Could this be merged upstream?
> 
> --- a/include/string.h  2022-04-08 01:12:40.000000000 +0800
> +++ b/include/string.h  2022-04-08 01:12:40.000000000 +0800
> @@ -88,7 +88,7 @@
>  #endif
> 
>  #ifdef _GNU_SOURCE
> -#define        strdupa(x)      strcpy(alloca(strlen(x)+1),x)
> +#define        strdupa(x)      strcpy((char*)(alloca(strlen(x)+1)),x)
>  int strverscmp (const char *, const char *);
>  char *strchrnul(const char *, int);
>  char *strcasestr(const char *, const char *);

This was raised recently and probably makes sense to do, but it's also
rather bad that we have strdupa at all, since it's a serious code
smell and almost always an exploitable bug (if you already knew the
length of the string and knew it was safe, you wouldn't need strdupa),
so it's been kinda nice that this is catching bugs in C++ programs.

Maybe there's some way we can fix the C++ const issue but make it
produce warnings when strdupa is used in both C and C++...?

Rich