fake_bsp: fix stringop-overread warnings with string literals

pcolberg · pcolberg · commit 8233336e6a0d · 2022-11-18T10:50:07.000-05:00
GCC 11 correctly points out that there is no point in limiting strnlen()
to a size that is greater than the length of the string literal argument.

test/fake_bsp/fakegoodbsp.cpp:47:26: warning: 'size_t strnlen(const char*, size_t)' specified bound 1204 exceeds source size 16 [-Wstringop-overread]
   47 |     size_t Xlen = strnlen(X, MAX_NAME_SIZE) + 1;                               \
      |                   ~~~~~~~^~~~~~~~~~~~~~~~~~

strnlen() is commonly used with an input buffer that is possibly not
null-terminated, i.e., contains a truncated string. strnlen() is also
useful to set an upper bound on the length to consume, e.g., to avoid
a denial of service. Neither of these use cases apply here.

MAX_NAME_SIZE was previously introduced in acl.h to address Klocwork
issues relating to missing null termination of strings. The chosen
1204 is a typo of 1024, but even then, it should be 1023 such that a
buffer with the trailing null byte occupies 1023 + 1 = 1024 bytes.

Signed-off-by: Peter Colberg &lt;peter.colberg@intel.com&gt;
diff --git a/test/fake_bsp/fakegoodbsp.cpp b/test/fake_bsp/fakegoodbsp.cpp
@@ -44,7 +44,7 @@ typedef enum {
   }
 #define RESULT_STR(X)                                                          \
   do {                                                                         \
-    size_t Xlen = strnlen(X, MAX_NAME_SIZE) + 1;                               \
+    size_t Xlen = strlen(X) + 1;                                               \
     memcpy((void *)param_value, X,                                             \
            (param_value_size <= Xlen) ? param_value_size : Xlen);              \
     if (param_size_ret)                                                        \
@@ -283,7 +283,7 @@ AOCL_MMD_CALL int aocl_mmd_read(int handle, aocl_mmd_op_t op, size_t len,
             (unsigned int)offset);
     return -1;
   case OFFSET_CONFIGURATION_ROM:
-    if (strnlen(config_str, MAX_NAME_SIZE) <= len) {
+    if (strlen(config_str) <= len) {
       memcpy(dst, (void *)config_str, len);
       return 0;
     } else {
diff --git a/test/fake_bsp/missingfuncbsp.cpp b/test/fake_bsp/missingfuncbsp.cpp
@@ -44,7 +44,7 @@ typedef enum {
   }
 #define RESULT_STR(X)                                                          \
   do {                                                                         \
-    size_t Xlen = strnlen(X, MAX_NAME_SIZE) + 1;                               \
+    size_t Xlen = strlen(X) + 1;                                               \
     memcpy((void *)param_value, X,                                             \
            (param_value_size <= Xlen) ? param_value_size : Xlen);              \
     if (param_size_ret)                                                        \
@@ -268,7 +268,7 @@ AOCL_MMD_CALL int aocl_mmd_read(int handle, aocl_mmd_op_t op, size_t len,
             (unsigned int)offset);
     return -1;
   case OFFSET_CONFIGURATION_ROM:
-    if (strnlen(config_str, MAX_NAME_SIZE) <= len) {
+    if (strlen(config_str) <= len) {
       memcpy(dst, (void *)config_str, len);
       return 0;
     } else {
