This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
Sean, Having investigated the problem, I think the ncgen code is OK, and the abort caused by compiling with -D_FORTIFY_SOURCE=2 is spurious, as unlikely as that seems. The only change I made from the settings you supplied was to add the "-g" flag to CFLAGS, so I could debug the problem. The code that triggers the abort is the strncat() call in the ncgen/genlib.c function "decodify" around line 1937: newlen = strlen(name) + count + 1; newname = (char *) ecalloc(newlen); cp = name; sp = newname; while(*cp != '\0') { size_t j; if(*cp < 0) { j = *cp + 256; } else { j = *cp; } (void)strncat(sp, repls[j], newlen); /* _FORTIFY_SOURCE=2 is happier with this instead. Why?? */ /* (void)strcat(sp, repls[j]); */ sp += lens[j]; newlen -= lens[j]; cp++; } As the comments indicate, replacing the strncat() call with an strcat() call instead makes the ncgen tests succeed, but the resulting code is less secure from buffer overflows, because it uses the deprecated strcat() function instead of the better strncat() function. I've gone through this code carefully with gdb, and everything is fine when the strncat() function that is apparently substituted by the _FORTIFY_SOURCE=2 setting gets called and causes the abort. In this case, count is 0, name is "Dr", sp is pointing to the first character of newly allocated space of length 3 bytes and the character it points to is '\0' so it is the empty string. repls[j] is the null-terminated string "D". newlen is 3. The function strncat() calls __inline_strncat_chk() which calls __builtin___strncat_chk(), where the abort occurs. The spurious abort from calling strncat() also occurs if I configure and build with _FORTIFY_SOURCE=1 instead of _FORTIFY_SOURCE=2. I'm sure _FORTIFY_SOURCE is very useful, but either its implementation for MacOS X has a problem, or I have a profound misunderstanding of strncat() at a very fundamental level. --Russ Russ Rew UCAR Unidata Program address@hidden http://www.unidata.ucar.edu Ticket Details =================== Ticket ID: PUM-976132 Department: Support netCDF Priority: Normal Status: Closed