lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Dec 2020 23:20:18 -0500 From: "Theodore Y. Ts'o" <tytso@....edu> To: Kang Wenlin <wenlin.kang@...driver.com> Cc: adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] ext4: fix -Wstringop-truncation warnings On Thu, Nov 12, 2020 at 05:33:24PM +0800, Kang Wenlin wrote: > From: Wenlin Kang <wenlin.kang@...driver.com> > > The strncpy() function may create a unterminated string, > use strscpy_pad() instead. > > This fixes the following warning: > > fs/ext4/super.c: In function '__save_error_info': > fs/ext4/super.c:349:2: warning: 'strncpy' specified bound 32 equals destination size [-Wstringop-truncation] > strncpy(es->s_last_error_func, func, sizeof(es->s_last_error_func)); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > fs/ext4/super.c:353:3: warning: 'strncpy' specified bound 32 equals destination size [-Wstringop-truncation] > strncpy(es->s_first_error_func, func, > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > sizeof(es->s_first_error_func)); > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ What compiler are you using? s_last_error_func is defined to not necessarily be NUL terminated. So strscpy_pad() is not a proper replacement for strncpy() in this use case. >From Documentation/process/deprecated: If a caller is using non-NUL-terminated strings, strncpy() can still be used, but destinations should be marked with the `__nonstring <https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html>`_ attribute to avoid future compiler warnings. s_{first,last}_error_func is properly annotated with __nonstring in fs/ext4/ext4.h. - Ted
Powered by blists - more mailing lists