lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Dec 2020 15:00:29 +0800 From: Wenlin Kang <wenlin.kang@...driver.com> To: "Theodore Y. Ts'o" <tytso@....edu> Cc: adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] ext4: fix -Wstringop-truncation warnings On 2020/12/16 下午12:20, Theodore Y. Ts'o wrote: > [Please note this e-mail is from an EXTERNAL e-mail address] > > On Thu, Nov 12, 2020 at 05:33:24PM +0800, Kang Wenlin wrote: >> From: Wenlin Kang <wenlin.kang@...driver.com> >> >> The strncpy() function may create a unterminated string, >> use strscpy_pad() instead. >> >> This fixes the following warning: >> >> fs/ext4/super.c: In function '__save_error_info': >> fs/ext4/super.c:349:2: warning: 'strncpy' specified bound 32 equals destination size [-Wstringop-truncation] >> strncpy(es->s_last_error_func, func, sizeof(es->s_last_error_func)); >> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> fs/ext4/super.c:353:3: warning: 'strncpy' specified bound 32 equals destination size [-Wstringop-truncation] >> strncpy(es->s_first_error_func, func, >> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> sizeof(es->s_first_error_func)); >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > What compiler are you using? s_last_error_func is defined to not > necessarily be NUL terminated. So strscpy_pad() is not a proper > replacement for strncpy() in this use case. My compiler is gcc 8.2.0, this is found in v4.18, and I see mainline codes is using the same code too, so sent this patch. But according to your instructions, I just re-check the code, with "__nonstring" attribute, it seems it has fixed. Thank for your explain. > > From Documentation/process/deprecated: > > If a caller is using non-NUL-terminated strings, strncpy() can > still be used, but destinations should be marked with the `__nonstring > <https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html>`_ > attribute to avoid future compiler warnings. > > s_{first,last}_error_func is properly annotated with __nonstring in > fs/ext4/ext4.h. > > - Ted -- Thanks, Wenlin Kang
Powered by blists - more mailing lists