lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZN05IZBfaKkPKJfH@slm.duckdns.org>
Date:   Wed, 16 Aug 2023 11:01:21 -1000
From:   Tejun Heo <tj@...nel.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        Zefan Li <lizefan.x@...edance.com>,
        Johannes Weiner <hannes@...xchg.org>, cgroups@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2][next] cgroup: Avoid -Wstringop-overflow warnings

On Wed, Aug 16, 2023 at 01:57:16PM -0700, Kees Cook wrote:
> On Wed, Aug 16, 2023 at 10:51:12AM -1000, Tejun Heo wrote:
> > Hello,
> > 
> > On Wed, Aug 16, 2023 at 02:50:16PM -0600, Gustavo A. R. Silva wrote:
> > > Change the notation from pointer-to-array to pointer-to-pointer.
> > > With this, we avoid the compiler complaining about trying
> > > to access a region of size zero as an argument during function
> > > calls.
> > 
> > Haha, I thought the functions were actually accessing the memory. This can't
> > be an intended behavior on the compiler's side, right?
> 
> I think it's a result of inlining -- the compiler ends up with a case
> where it looks like it might be possible to index a zero-sized array,
> but it is "accidentally safe".

Ah I see. It's not that the compiler knows that ** access is safe. It's more
that it only applies the check on arrays. Is that right? Gustavo, I don't
mind the patch but can you update the patch description a bit explaining a
bit more on what's going on with the complier? It doesn't have to be the
full explanation but it'd be useful to explicitly point out that we're just
working around the compiler being a bit silly.

Thanks.

-- 
tejun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ