[sudo-workers] C99 fixes for the configure script

Florian Weimer fweimer at redhat.com
Wed Apr 26 03:58:22 MDT 2023


We are trying to build Fedora with more C misuse turned into errors:

  <https://fedoraproject.org/wiki/Changes/PortingToModernC>
  <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>

The first issue is a bit tricky.  The lber.h probe also calls ldap_init,
but it's deprecated in our <ldap.h> header and only declared if
LDAP_DEPRECATED is defined.  So with a C99 compiler without implicit
function declaration support, this probe checks for a declaration of
ldap_init, and not just for <ldap.h> usability without <lber.h>.

This is a possible fix:

diff --git a/m4/ldap.m4 b/m4/ldap.m4
index 78c21e0bc0a1f65f..a6361df044d84f92 100644
--- a/m4/ldap.m4
+++ b/m4/ldap.m4
@@ -52,7 +52,10 @@ AC_DEFUN([SUDO_CHECK_LDAP], [
 #include <lber.h>])
 	AC_CACHE_CHECK([whether lber.h is needed when including ldap.h], [sudo_cv_header_lber_h], [
 	    AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
-#include <ldap.h>]], [[(void)ldap_init(0, 0)]])], [
+#include <ldap.h>
+
+void *volatile ptr;
+]], [[ptr = (void *) ldap_msgfree]])], [
 		# No need to explicitly include lber.h when including ldap.h.
 		sudo_cv_header_lber_h=no
 	    ], [
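Review bot: the new probe body `ptr = (void *) ldap_msgfree` converts a function pointer to `void *`, a conversion ISO C does not define, so a compiler run with pedantic errors enabled can reject it and the probe would then report that lber.h is needed for a reason unrelated to the header. The test only has to require a declaration from <ldap.h>, so a plain call such as `(void)ldap_msgfree(0)` keeps the shape of the line being removed and makes the file-scope `void *volatile ptr;` unnecessary.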

ldap_msgfree is called unconditionally from the LDAP plugin code, so it
seems like a reasonable way to probe for a usable header.
Alternatively, you could call “ldap_msgfree(0);”, I think.

The second issue is in the fortify probe.  It calls sprintf without
including <stdio.h>, which also relies on implicit function
declarations.  A possible fix looks like this:

diff --git a/m4/hardening.m4 b/m4/hardening.m4
index f7d2a8c2911ed9d6..1ebfd9fdaf461285 100644
--- a/m4/hardening.m4
+++ b/m4/hardening.m4
@@ -10,7 +10,7 @@ AC_DEFUN([SUDO_CHECK_HARDENING], [
 	    [sudo_cv_use_fortify_source],
 	    [AC_LINK_IFELSE([
 		    AC_LANG_PROGRAM(
-			[[]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]]
+			[[#include <string.h>]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]]
 		    )],
 		    [sudo_cv_use_fortify_source=yes],
 		    [sudo_cv_use_fortify_source=no]
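Review bot: the prologue added on the `+` line includes <string.h>, but the probe body calls sprintf, which is declared in <stdio.h>. With this change sprintf is still implicitly declared, so on a compiler that rejects implicit function declarations the link test fails and sudo_cv_use_fortify_source is set to no regardless of fortify support. The first argument of AC_LANG_PROGRAM should be `[[#include <stdio.h>]]`.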

But it is not clear to me if the probe as written checked for anything
before.  It actually relied on the compiler doing fortification
conditionally on _FORTIFY_SOURCE without header files, which seems
rather unlikely.  Certainly that's not how the GCC/glibc implementation
works.  So maybe the check can be dropped?

Thanks,
Florian


