Motion - Bug Report 2009x 03x 03x 182036
You are here: Foswiki>Motion Web>BugReports>BugReport2009x03x03x182036 (10 Aug 2009, AngelCarpintero)Edit Attach

BUG: Possible buffer overflow

When compiling motion, there is a warning concerning a possible buffer overflow. This kind of things prevents the package from being included in some Linux distributions for security reasons. See the log below. Built with gcc version 4.3.2 20081105 (Red Hat 4.3.2-7) (GCC)

I'm not a C programmer, so discard this report if it's not your fault smile

make
...
gcc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_REENTRANT -DHAVE_FFMPEG -I/usr/include/ffmpeg -DFFMPEG_NEW_INCLUDES -DHAVE_FFMPEG_NEW -DMOTION_V4L2 -DTYPE_32BIT="int" -DHAVE_BSWAP    -Wall -DVERSION=\"3.2.11\" -Dsysconfdir=\"/etc/motion\"    -c -o video2.o video2.c
In function 'strncat',
    inlined from 'v4l_open_vidpipe' at video.c:507:
/usr/include/bits/string3.h:153: warning: call to __builtin___strncat_chk might overflow destination buffer
...

Environment

Motion version: 3.2.11
ffmpeg version: ffmpeg-0.4.9-0.54.20080908.fc10.x86_64
Shared libraries: ffmpeg
Server OS: Fedora 10 x86_64

-- StevenM - 03 Mar 2009

Follow up

Fix record

This is already fixed in trunk , it's a warning from GCC 4.3 but i think was not a real issue.

-- AngelCarpintero - 05 Mar 2009
Topic revision: r3 - 10 Aug 2009, AngelCarpintero
Copyright © 1999-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Please do not email Kenneth for support questions (read why). Use the Support Requests page or join the Mailing List.
This website only use harmless session cookies. See Cookie Policy for details. By using this website you accept the use of these cookies.