Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 Jun 2022 09:19:00 -0400
From: Rich Felker <>
To: He X <>
Subject: Re: g++ fpermissive compilation error for strdupa

On Wed, Jun 22, 2022 at 04:05:20PM +0800, He X wrote:
> Hi!
> Since *alloca* will return *void**, g++ will report error(*-fpermissive,
> invalid conversion from void* to char**), if you do *strcpy(alloca(32),
> str)*, which is the definition of *strdupa* on musl. I've patched it by
> type casting to fix the build of bazel. Could this be merged upstream?
> --- a/include/string.h  2022-04-08 01:12:40.000000000 +0800
> +++ b/include/string.h  2022-04-08 01:12:40.000000000 +0800
> @@ -88,7 +88,7 @@
>  #endif
>  #ifdef _GNU_SOURCE
> -#define        strdupa(x)      strcpy(alloca(strlen(x)+1),x)
> +#define        strdupa(x)      strcpy((char*)(alloca(strlen(x)+1)),x)
>  int strverscmp (const char *, const char *);
>  char *strchrnul(const char *, int);
>  char *strcasestr(const char *, const char *);

This was raised recently and probably makes sense to do, but it's also
rather bad that we have strdupa at all, since it's a serious code
smell and almost always an exploitable bug (if you already knew the
length of the string and knew it was safe, you wouldn't need strdupa),
so it's been kinda nice that this is catching bugs in C++ programs.

Maybe there's some way we can fix the C++ const issue but make it
produce warnings when strdupa is used in both C and C++...?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.