WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
NEW
299357
[Clang][GTK][WPE] Fix unsafe-buffer-usage-in-libc-call warnings
https://bugs.webkit.org/show_bug.cgi?id=299357
Summary
[Clang][GTK][WPE] Fix unsafe-buffer-usage-in-libc-call warnings
Fujii Hironori
Reported
2025-09-22 23:01:18 PDT
FAILED: Source/WTF/wtf/CMakeFiles/WTF.dir/linux/CurrentProcessMemoryStatus.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBUILDING_WTF -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/DerivedSources -I/home/fujii/webkit/wa/Source/WTF -I/home/fujii/webkit/wa/Source/WTF/wtf -I/home/fujii/webkit/wa/Source/WTF/wtf/dtoa -I/home/fujii/webkit/wa/Source/WTF/wtf/fast_float -I/home/fujii/webkit/wa/Source/WTF/wtf/persistence -I/home/fujii/webkit/wa/Source/WTF/wtf/simdutf -I/home/fujii/webkit/wa/Source/WTF/wtf/text -I/home/fujii/webkit/wa/Source/WTF/wtf/text/icu -I/home/fujii/webkit/wa/Source/WTF/wtf/threads -I/home/fujii/webkit/wa/Source/WTF/wtf/unicode -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/gio-unix-2.0 -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /usr/include/libmount -isystem /usr/include/blkid -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -Werror -pthread -MD -MT Source/WTF/wtf/CMakeFiles/WTF.dir/linux/CurrentProcessMemoryStatus.cpp.o -MF Source/WTF/wtf/CMakeFiles/WTF.dir/linux/CurrentProcessMemoryStatus.cpp.o.d -o Source/WTF/wtf/CMakeFiles/WTF.dir/linux/CurrentProcessMemoryStatus.cpp.o -c /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:43:18: error: function 'fgets' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 43 | char* line = fgets(buffer, 128, file); | ^~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:50:35: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 50 | unsigned long long intValue = strtoull(line, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:52:16: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 52 | intValue = strtoull(end, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:54:16: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 54 | intValue = strtoull(end, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:56:16: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 56 | intValue = strtoull(end, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:58:16: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 58 | intValue = strtoull(end, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:60:16: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 60 | intValue = strtoull(end, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/CurrentProcessMemoryStatus.cpp:62:16: error: function 'strtoull' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 62 | intValue = strtoull(end, &end, 10); | ^~~~~~~~~~~~~~~~~~~~~~~ 8 errors generated. [13/2319] Building CXX object Source/WTF/wtf/CMakeFiles/WTF.dir/glib/ChassisType.cpp.o FAILED: Source/WTF/wtf/CMakeFiles/WTF.dir/glib/ChassisType.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBUILDING_WTF -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/DerivedSources -I/home/fujii/webkit/wa/Source/WTF -I/home/fujii/webkit/wa/Source/WTF/wtf -I/home/fujii/webkit/wa/Source/WTF/wtf/dtoa -I/home/fujii/webkit/wa/Source/WTF/wtf/fast_float -I/home/fujii/webkit/wa/Source/WTF/wtf/persistence -I/home/fujii/webkit/wa/Source/WTF/wtf/simdutf -I/home/fujii/webkit/wa/Source/WTF/wtf/text -I/home/fujii/webkit/wa/Source/WTF/wtf/text/icu -I/home/fujii/webkit/wa/Source/WTF/wtf/threads -I/home/fujii/webkit/wa/Source/WTF/wtf/unicode -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/gio-unix-2.0 -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /usr/include/libmount -isystem /usr/include/blkid -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -Werror -pthread -MD -MT Source/WTF/wtf/CMakeFiles/WTF.dir/glib/ChassisType.cpp.o -MF Source/WTF/wtf/CMakeFiles/WTF.dir/glib/ChassisType.cpp.o.d -o Source/WTF/wtf/CMakeFiles/WTF.dir/glib/ChassisType.cpp.o -c /home/fujii/webkit/wa/Source/WTF/wtf/glib/ChassisType.cpp /home/fujii/webkit/wa/Source/WTF/wtf/glib/ChassisType.cpp:71:20: error: function 'strtol' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 71 | int type = strtol(buffer.get(), nullptr, 10); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/ChassisType.cpp:106:20: error: function 'strtol' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 106 | int type = strtol(buffer.get(), nullptr, 10); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2 errors generated. [14/2319] Building CXX object Source/WTF/wtf/CMakeFiles/WTF.dir/linux/MemoryFootprintLinux.cpp.o FAILED: Source/WTF/wtf/CMakeFiles/WTF.dir/linux/MemoryFootprintLinux.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBUILDING_WTF -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/DerivedSources -I/home/fujii/webkit/wa/Source/WTF -I/home/fujii/webkit/wa/Source/WTF/wtf -I/home/fujii/webkit/wa/Source/WTF/wtf/dtoa -I/home/fujii/webkit/wa/Source/WTF/wtf/fast_float -I/home/fujii/webkit/wa/Source/WTF/wtf/persistence -I/home/fujii/webkit/wa/Source/WTF/wtf/simdutf -I/home/fujii/webkit/wa/Source/WTF/wtf/text -I/home/fujii/webkit/wa/Source/WTF/wtf/text/icu -I/home/fujii/webkit/wa/Source/WTF/wtf/threads -I/home/fujii/webkit/wa/Source/WTF/wtf/unicode -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/gio-unix-2.0 -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /usr/include/libmount -isystem /usr/include/blkid -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -Werror -pthread -MD -MT Source/WTF/wtf/CMakeFiles/WTF.dir/linux/MemoryFootprintLinux.cpp.o -MF Source/WTF/wtf/CMakeFiles/WTF.dir/linux/MemoryFootprintLinux.cpp.o.d -o Source/WTF/wtf/CMakeFiles/WTF.dir/linux/MemoryFootprintLinux.cpp.o -c /home/fujii/webkit/wa/Source/WTF/wtf/linux/MemoryFootprintLinux.cpp /home/fujii/webkit/wa/Source/WTF/wtf/linux/MemoryFootprintLinux.cpp:66:32: error: function 'sscanf' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 66 | int scannedCount = sscanf(buffer, "%lx-%lx %4s %lx %31s %lu %6s", &start, &end, perms, &offset, dev, &inode, path); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/linux/MemoryFootprintLinux.cpp:82:13: error: function 'sscanf' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 82 | if (sscanf(buffer, "Private_Dirty: %lu", &privateDirtyInKB) == 1) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2 errors generated. [15/2319] Building CXX object Source/WTF/wtf/CMakeFiles/WTF.dir/posix/FileSystemPOSIX.cpp.o FAILED: Source/WTF/wtf/CMakeFiles/WTF.dir/posix/FileSystemPOSIX.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBUILDING_WTF -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/DerivedSources -I/home/fujii/webkit/wa/Source/WTF -I/home/fujii/webkit/wa/Source/WTF/wtf -I/home/fujii/webkit/wa/Source/WTF/wtf/dtoa -I/home/fujii/webkit/wa/Source/WTF/wtf/fast_float -I/home/fujii/webkit/wa/Source/WTF/wtf/persistence -I/home/fujii/webkit/wa/Source/WTF/wtf/simdutf -I/home/fujii/webkit/wa/Source/WTF/wtf/text -I/home/fujii/webkit/wa/Source/WTF/wtf/text/icu -I/home/fujii/webkit/wa/Source/WTF/wtf/threads -I/home/fujii/webkit/wa/Source/WTF/wtf/unicode -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/gio-unix-2.0 -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /usr/include/libmount -isystem /usr/include/blkid -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -Werror -pthread -MD -MT Source/WTF/wtf/CMakeFiles/WTF.dir/posix/FileSystemPOSIX.cpp.o -MF Source/WTF/wtf/CMakeFiles/WTF.dir/posix/FileSystemPOSIX.cpp.o.d -o Source/WTF/wtf/CMakeFiles/WTF.dir/posix/FileSystemPOSIX.cpp.o -c /home/fujii/webkit/wa/Source/WTF/wtf/posix/FileSystemPOSIX.cpp /home/fujii/webkit/wa/Source/WTF/wtf/posix/FileSystemPOSIX.cpp:177:21: error: function 'strlen' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 177 | size_t length = strlen(directory) + 1 + prefixUTF8.length() + 1 + 6 + 1; | ^~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/posix/FileSystemPOSIX.cpp:179:5: error: function 'snprintf' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 179 | snprintf(buffer.mutableSpan().data(), length, "%s/%s-XXXXXX", directory, prefixUTF8.data()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/posix/FileSystemPOSIX.cpp:179:14: note: buffer pointer and size may not match 179 | snprintf(buffer.mutableSpan().data(), length, "%s/%s-XXXXXX", directory, prefixUTF8.data()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ 2 errors generated. [16/2319] Building CXX object Source/WTF/wtf/CMakeFiles/WTF.dir/glib/SocketConnection.cpp.o FAILED: Source/WTF/wtf/CMakeFiles/WTF.dir/glib/SocketConnection.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBUILDING_WTF -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/DerivedSources -I/home/fujii/webkit/wa/Source/WTF -I/home/fujii/webkit/wa/Source/WTF/wtf -I/home/fujii/webkit/wa/Source/WTF/wtf/dtoa -I/home/fujii/webkit/wa/Source/WTF/wtf/fast_float -I/home/fujii/webkit/wa/Source/WTF/wtf/persistence -I/home/fujii/webkit/wa/Source/WTF/wtf/simdutf -I/home/fujii/webkit/wa/Source/WTF/wtf/text -I/home/fujii/webkit/wa/Source/WTF/wtf/text/icu -I/home/fujii/webkit/wa/Source/WTF/wtf/threads -I/home/fujii/webkit/wa/Source/WTF/wtf/unicode -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/gio-unix-2.0 -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /usr/include/libmount -isystem /usr/include/blkid -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -Werror -pthread -MD -MT Source/WTF/wtf/CMakeFiles/WTF.dir/glib/SocketConnection.cpp.o -MF Source/WTF/wtf/CMakeFiles/WTF.dir/glib/SocketConnection.cpp.o.d -o Source/WTF/wtf/CMakeFiles/WTF.dir/glib/SocketConnection.cpp.o -c /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:121:5: error: function 'memcpy' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 121 | memcpy(&bodySizeHeader, messageData, sizeof(uint32_t)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:126:5: error: function 'memcpy' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 126 | memcpy(&flags, messageData, sizeof(MessageFlags)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:134:41: error: function 'strlen' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 134 | Checked<size_t> messageNameLength = strlen(messageData); | ^~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:173:37: error: function 'strlen' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 173 | CheckedSize messageNameLength = strlen(messageName); | ^~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:191:5: error: function 'memcpy' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 191 | memcpy(messageData, &bodySizeHeader, sizeof(uint32_t)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:197:5: error: function 'memcpy' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 197 | memcpy(messageData, &flags, sizeof(MessageFlags)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:199:5: error: function 'memcpy' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 199 | memcpy(messageData, messageName, messageNameLength); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/Source/WTF/wtf/glib/SocketConnection.cpp:202:9: error: function 'memcpy' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 202 | memcpy(messageData, g_variant_get_data(parameters), parametersSize); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 errors generated. ninja: build stopped: cannot make progress due to previous errors.
Attachments
Add attachment
proposed patch, testcase, etc.
Fujii Hironori
Comment 1
2025-09-23 00:15:25 PDT
FAILED: Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-ee8a7a7a-4.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_JavaScriptCore -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DJavaScriptCore_EXPORTS -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_WTF -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/Headers -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/PrivateHeaders -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/PrivateHeaders/JavaScriptCore -I/home/fujii/webkit/wa/Source/JavaScriptCore -I/home/fujii/webkit/wa/Source/JavaScriptCore/API -I/home/fujii/webkit/wa/Source/JavaScriptCore/assembler -I/home/fujii/webkit/wa/Source/JavaScriptCore/b3 -I/home/fujii/webkit/wa/Source/JavaScriptCore/b3/air -I/home/fujii/webkit/wa/Source/JavaScriptCore/bindings -I/home/fujii/webkit/wa/Source/JavaScriptCore/builtins -I/home/fujii/webkit/wa/Source/JavaScriptCore/bytecode -I/home/fujii/webkit/wa/Source/JavaScriptCore/bytecompiler -I/home/fujii/webkit/wa/Source/JavaScriptCore/dfg -I/home/fujii/webkit/wa/Source/JavaScriptCore/disassembler -I/home/fujii/webkit/wa/Source/JavaScriptCore/disassembler/ARM64 -I/home/fujii/webkit/wa/Source/JavaScriptCore/disassembler/zydis -I/home/fujii/webkit/wa/Source/JavaScriptCore/domjit -I/home/fujii/webkit/wa/Source/JavaScriptCore/ftl -I/home/fujii/webkit/wa/Source/JavaScriptCore/fuzzilli -I/home/fujii/webkit/wa/Source/JavaScriptCore/heap -I/home/fujii/webkit/wa/Source/JavaScriptCore/debugger -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/agents -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/augmentable -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/remote -I/home/fujii/webkit/wa/Source/JavaScriptCore/interpreter -I/home/fujii/webkit/wa/Source/JavaScriptCore/jit -I/home/fujii/webkit/wa/Source/JavaScriptCore/llint -I/home/fujii/webkit/wa/Source/JavaScriptCore/parser -I/home/fujii/webkit/wa/Source/JavaScriptCore/profiler -I/home/fujii/webkit/wa/Source/JavaScriptCore/runtime -I/home/fujii/webkit/wa/Source/JavaScriptCore/tools -I/home/fujii/webkit/wa/Source/JavaScriptCore/wasm -I/home/fujii/webkit/wa/Source/JavaScriptCore/wasm/js -I/home/fujii/webkit/wa/Source/JavaScriptCore/yarr -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/inspector -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/runtime -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/yarr -I/home/fujii/webkit/wa/Source/JavaScriptCore/API/glib -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCoreGLib/DerivedSources -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCoreGLib/DerivedSources/jsc -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCoreGLib/Headers -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/remote/glib -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/Headers -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -ffp-contract=off -fno-slp-vectorize -Werror -pthread -MD -MT Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-ee8a7a7a-4.cpp.o -MF Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-ee8a7a7a-4.cpp.o.d -o Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-ee8a7a7a-4.cpp.o -c /home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-ee8a7a7a-4.cpp In file included from /home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-ee8a7a7a-4.cpp:8: In file included from /home/fujii/webkit/wa/Source/JavaScriptCore/heap/IncrementalSweeper.cpp:32: In file included from /home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/Headers/wtf/SystemTracing.h:196: /home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/Headers/wtf/glib/SysprofAnnotator.h:73:9: error: function 'vsnprintf' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 73 | vsnprintf(buffer.mutableSpan().data(), buffer.size(), description, args); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/Headers/wtf/glib/SysprofAnnotator.h:73:9: note: 'va_list' is unsafe 73 | vsnprintf(buffer.mutableSpan().data(), buffer.size(), description, args); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 error generated.
Fujii Hironori
Comment 2
2025-09-23 00:16:53 PDT
FAILED: Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-84c9f43f-6.cpp.o /usr/bin/clang++ -DBUILDING_GTK__=1 -DBUILDING_JavaScriptCore -DBUILDING_WEBKIT=1 -DBUILDING_WITH_CMAKE=1 -DBWRAP_EXECUTABLE=\"/usr/bin/bwrap\" -DDBUS_PROXY_EXECUTABLE=\"/usr/bin/xdg-dbus-proxy\" -DGETTEXT_PACKAGE=\"WebKitGTK-6.0\" -DHAVE_CONFIG_H=1 -DJSC_GLIB_API_ENABLED -DJavaScriptCore_EXPORTS -DPAS_BMALLOC=1 -DSTATICALLY_LINKED_WITH_WTF -DSTATICALLY_LINKED_WITH_bmalloc -D_GLIBCXX_ASSERTIONS=1 -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/Headers -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/PrivateHeaders -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/PrivateHeaders/JavaScriptCore -I/home/fujii/webkit/wa/Source/JavaScriptCore -I/home/fujii/webkit/wa/Source/JavaScriptCore/API -I/home/fujii/webkit/wa/Source/JavaScriptCore/assembler -I/home/fujii/webkit/wa/Source/JavaScriptCore/b3 -I/home/fujii/webkit/wa/Source/JavaScriptCore/b3/air -I/home/fujii/webkit/wa/Source/JavaScriptCore/bindings -I/home/fujii/webkit/wa/Source/JavaScriptCore/builtins -I/home/fujii/webkit/wa/Source/JavaScriptCore/bytecode -I/home/fujii/webkit/wa/Source/JavaScriptCore/bytecompiler -I/home/fujii/webkit/wa/Source/JavaScriptCore/dfg -I/home/fujii/webkit/wa/Source/JavaScriptCore/disassembler -I/home/fujii/webkit/wa/Source/JavaScriptCore/disassembler/ARM64 -I/home/fujii/webkit/wa/Source/JavaScriptCore/disassembler/zydis -I/home/fujii/webkit/wa/Source/JavaScriptCore/domjit -I/home/fujii/webkit/wa/Source/JavaScriptCore/ftl -I/home/fujii/webkit/wa/Source/JavaScriptCore/fuzzilli -I/home/fujii/webkit/wa/Source/JavaScriptCore/heap -I/home/fujii/webkit/wa/Source/JavaScriptCore/debugger -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/agents -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/augmentable -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/remote -I/home/fujii/webkit/wa/Source/JavaScriptCore/interpreter -I/home/fujii/webkit/wa/Source/JavaScriptCore/jit -I/home/fujii/webkit/wa/Source/JavaScriptCore/llint -I/home/fujii/webkit/wa/Source/JavaScriptCore/parser -I/home/fujii/webkit/wa/Source/JavaScriptCore/profiler -I/home/fujii/webkit/wa/Source/JavaScriptCore/runtime -I/home/fujii/webkit/wa/Source/JavaScriptCore/tools -I/home/fujii/webkit/wa/Source/JavaScriptCore/wasm -I/home/fujii/webkit/wa/Source/JavaScriptCore/wasm/js -I/home/fujii/webkit/wa/Source/JavaScriptCore/yarr -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/inspector -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/runtime -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/yarr -I/home/fujii/webkit/wa/Source/JavaScriptCore/API/glib -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCoreGLib/DerivedSources -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCoreGLib/DerivedSources/jsc -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCoreGLib/Headers -I/home/fujii/webkit/wa/Source/JavaScriptCore/inspector/remote/glib -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/WTF/Headers -I/home/fujii/webkit/wa/WebKitBuild/GTK/Release/bmalloc/Headers -isystem /usr/include/glib-2.0 -isystem /usr/lib64/glib-2.0/include -isystem /home/fujii/webkit/webkit-jhbuild/install/include/sysprof-6 -fdiagnostics-color=always -fcolor-diagnostics -Wextra -Wall -Werror=undefined-internal -Werror=undefined-inline -pipe -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align -Wno-tautological-compare -fasynchronous-unwind-tables -fdebug-types-section -fno-omit-frame-pointer -fno-strict-aliasing -fno-exceptions -fno-rtti -fcoroutines -ffunction-sections -fdata-sections -O3 -DNDEBUG -std=c++23 -fPIC -fvisibility=hidden -Wunsafe-buffer-usage -Wunsafe-buffer-usage-in-libc-call -fsafe-buffer-usage-suggestions -ffp-contract=off -fno-slp-vectorize -Werror -pthread -MD -MT Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-84c9f43f-6.cpp.o -MF Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-84c9f43f-6.cpp.o.d -o Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/__/__/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-84c9f43f-6.cpp.o -c /home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-84c9f43f-6.cpp In file included from /home/fujii/webkit/wa/WebKitBuild/GTK/Release/JavaScriptCore/DerivedSources/unified-sources/UnifiedSource-84c9f43f-6.cpp:8: /home/fujii/webkit/wa/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorServer.cpp:243:9: error: function 'strcmp' is unsafe [-Werror,-Wunsafe-buffer-usage-in-libc-call] 243 | if (strcmp(clientBackendCommandsHash, backendCommandsHash().data())) { | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 error generated.
Fujii Hironori
Comment 3
2025-09-23 02:29:52 PDT
Pull request:
https://github.com/WebKit/WebKit/pull/51186
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug