lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 31 Mar 2021 16:21:46 -0500
From:   "Gustavo A. R. Silva" <>
To:     Matthew Wilcox <>,
        Andrew Morton <>
Cc:     "Gustavo A. R. Silva" <>,,,
Subject: Re: [PATCH][next] hfsplus: Fix out-of-bounds warnings in

On 3/30/21 23:53, Matthew Wilcox wrote:
> On Tue, Mar 30, 2021 at 09:43:20PM -0700, Andrew Morton wrote:
>> On Tue, 30 Mar 2021 09:52:26 -0500 "Gustavo A. R. Silva" <> wrote:
>>> Fix the following out-of-bounds warnings by enclosing
>>> structure members file and finder into new struct info:
>>> fs/hfsplus/xattr.c:300:5: warning: 'memcpy' offset [65, 80] from the object at 'entry' is out of the bounds of referenced subobject 'user_info' with type 'struct DInfo' at offset 48 [-Warray-bounds]
>>> fs/hfsplus/xattr.c:313:5: warning: 'memcpy' offset [65, 80] from the object at 'entry' is out of the bounds of referenced subobject 'user_info' with type 'struct FInfo' at offset 48 [-Warray-bounds]
>>> Refactor the code by making it more "structured."
>>> Also, this helps with the ongoing efforts to enable -Warray-bounds and
>>> makes the code clearer and avoid confusing the compiler.
>> Confused.  What was wrong with the old code?  Was this warning
>> legitimate and if so, why?  Or is this patch a workaround for a
>> compiler shortcoming?
> The offending line is this:
> -                               memcpy(&entry.file.user_info, value,
> +                               memcpy(&, value,
>                                                 file_finderinfo_len);
> what it's trying to do is copy two structs which are adjacent to each
> other in a single call to memcpy().  gcc legitimately complains that the
> memcpy to this struct overruns the bounds of the struct.  What Gustavo
> has done here is introduce a new struct that contains the two structs,
> and now gcc is happy that the memcpy doesn't overrun the length of this
> containing struct.

Thanks for this, Matthew. :)


Powered by blists - more mailing lists