Skip to content

fix: quiet -Walloc-size-larger-than and -Wformat-truncation warnings#436

Merged
thegushi merged 2 commits into
trusteddomainproject:developfrom
thegushi:fix/quash-compiler-warnings
Jun 23, 2026
Merged

fix: quiet -Walloc-size-larger-than and -Wformat-truncation warnings#436
thegushi merged 2 commits into
trusteddomainproject:developfrom
thegushi:fix/quash-compiler-warnings

Conversation

@thegushi

Copy link
Copy Markdown
Collaborator

Summary

  • OPENDMARC_MAX_SHELVES_LG2 was derived from sizeof(size_t) assuming OPENDMARC_HASH_SHELF is <= 32 bytes, but it holds a pthread_mutex_t and actually runs 48-72 bytes depending on platform, so the theoretical max calloc() request in opendmarc_hash_init() could exceed the allocator limit (-Walloc-size-larger-than=). The only real caller asks for 8192 buckets, so cap the table size at a fixed, generous bound (16M) instead.
  • MAXHEADER (4096) was small enough that a maxed-out authservid_hdr plus a maxed-out From-domain could together exceed the malloc'd header buffer in opendmarc.c, risking silent truncation of the Authentication-Results header in pathological cases (-Wformat-truncation=). Doubled to 8192 so the worst case fits.

Both warnings are pre-existing on develop and not specific to any in-flight feature branch; confirmed via the CI logs on PR #435.

Test plan

  • make in libopendmarc/ and opendmarc/ succeeds locally (clang)
  • CI (Linux/gcc) no longer emits -Walloc-size-larger-than= or -Wformat-truncation= for these two spots

thegushi added 2 commits June 22, 2026 18:28
OPENDMARC_MAX_SHELVES_LG2 was derived from sizeof(size_t) under the
assumption that OPENDMARC_HASH_SHELF is <= 32 bytes, but it actually
holds a pthread_mutex_t and runs 48-72 bytes depending on platform,
so the theoretical max calloc() request could exceed the allocator
limit. The only real caller asks for 8192 buckets, so cap the table
size at a fixed, generous bound instead.

MAXHEADER was sized so that a maxed-out authservid_hdr plus a
maxed-out From-domain could together exceed the malloc'd header
buffer, risking silent truncation of the Authentication-Results
header in pathological cases. Double it so the worst case fits.
test_arcares and test_spf_parse pull source files from
$(top_srcdir)/opendmarc/, which automake warns will become a hard
error in a future release without subdir-objects enabled. Verified
make check still passes (13/13) with objects now placed in a path
mirroring their source tree instead of being flattened.
@thegushi thegushi merged commit e2304db into trusteddomainproject:develop Jun 23, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant