lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 31 Mar 2021 16:21:46 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     Matthew Wilcox <willy@...radead.org>,
        Andrew Morton <akpm@...ux-foundation.org>
Cc:     "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] hfsplus: Fix out-of-bounds warnings in
 __hfsplus_setxattr



On 3/30/21 23:53, Matthew Wilcox wrote:
> On Tue, Mar 30, 2021 at 09:43:20PM -0700, Andrew Morton wrote:
>> On Tue, 30 Mar 2021 09:52:26 -0500 "Gustavo A. R. Silva" <gustavoars@...nel.org> wrote:
>>
>>> Fix the following out-of-bounds warnings by enclosing
>>> structure members file and finder into new struct info:
>>>
>>> fs/hfsplus/xattr.c:300:5: warning: 'memcpy' offset [65, 80] from the object at 'entry' is out of the bounds of referenced subobject 'user_info' with type 'struct DInfo' at offset 48 [-Warray-bounds]
>>> fs/hfsplus/xattr.c:313:5: warning: 'memcpy' offset [65, 80] from the object at 'entry' is out of the bounds of referenced subobject 'user_info' with type 'struct FInfo' at offset 48 [-Warray-bounds]
>>>
>>> Refactor the code by making it more "structured."
>>>
>>> Also, this helps with the ongoing efforts to enable -Warray-bounds and
>>> makes the code clearer and avoid confusing the compiler.
>>
>> Confused.  What was wrong with the old code?  Was this warning
>> legitimate and if so, why?  Or is this patch a workaround for a
>> compiler shortcoming?
> 
> The offending line is this:
> 
> -                               memcpy(&entry.file.user_info, value,
> +                               memcpy(&entry.file.info, value,
>                                                 file_finderinfo_len);
> 
> what it's trying to do is copy two structs which are adjacent to each
> other in a single call to memcpy().  gcc legitimately complains that the
> memcpy to this struct overruns the bounds of the struct.  What Gustavo
> has done here is introduce a new struct that contains the two structs,
> and now gcc is happy that the memcpy doesn't overrun the length of this
> containing struct.

Thanks for this, Matthew. :)

--
Gustavo

Powered by blists - more mailing lists