| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAH2r5msDZjC_iktAhCn6jxhUVQZ2sXrD8KpbCs-woDriZNDmXw@mail.gmail.com>
Date: Sun, 17 Nov 2024 17:08:14 -0600
From: Steve French <smfrench@...il.com>
To: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Cc: Kees Cook <kees@...nel.org>, Steve French <sfrench@...ba.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>, Paulo Alcantara <pc@...guebit.com>,
Ronnie Sahlberg <ronniesahlberg@...il.com>, Shyam Prasad N <sprasad@...rosoft.com>,
Tom Talpey <tom@...pey.com>, Bharath SM <bharathsm@...rosoft.com>, linux-cifs@...r.kernel.org,
samba-technical@...ts.samba.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH] smb: client: memcpy() with surrounding object base address
merged into cifs-2.6.git for-next
On Sun, Nov 17, 2024 at 1:15 PM Gustavo A. R. Silva
<gustavo@...eddedor.com> wrote:
>
>
>
> On 17/11/24 05:32, Kees Cook wrote:
> > Like commit f1f047bd7ce0 ("smb: client: Fix -Wstringop-overflow issues"),
> > adjust the memcpy() destination address to be based off the surrounding
> > object rather than based off the 4-byte "Protocol" member. This avoids a
> > build-time warning when compiling under CONFIG_FORTIFY_SOURCE with GCC 15:
> >
> > In function 'fortify_memcpy_chk',
> > inlined from 'CIFSSMBSetPathInfo' at ../fs/smb/client/cifssmb.c:5358:2:
> > ../include/linux/fortify-string.h:571:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
> > 571 | __write_overflow_field(p_size_field, size);
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> > Signed-off-by: Kees Cook <kees@...nel.org>
>
> Reviewed-by: Gustavo A. R. Silva <gustavoars@...nel.org>
>
> Thanks!
> -Gustavo
>
> > ---
> > Cc: Steve French <sfrench@...ba.org>
> > Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org>
> > Cc: Paulo Alcantara <pc@...guebit.com>
> > Cc: Ronnie Sahlberg <ronniesahlberg@...il.com>
> > Cc: Shyam Prasad N <sprasad@...rosoft.com>
> > Cc: Tom Talpey <tom@...pey.com>
> > Cc: Bharath SM <bharathsm@...rosoft.com>
> > Cc: linux-cifs@...r.kernel.org
> > Cc: samba-technical@...ts.samba.org
> > ---
> > fs/smb/client/cifssmb.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/fs/smb/client/cifssmb.c b/fs/smb/client/cifssmb.c
> > index b96ca9be5352..026d6b5f23a9 100644
> > --- a/fs/smb/client/cifssmb.c
> > +++ b/fs/smb/client/cifssmb.c
> > @@ -5337,7 +5337,7 @@ CIFSSMBSetPathInfo(const unsigned int xid, struct cifs_tcon *tcon,
> > param_offset = offsetof(struct smb_com_transaction2_spi_req,
> > InformationLevel) - 4;
> > offset = param_offset + params;
> > - data_offset = (char *) (&pSMB->hdr.Protocol) + offset;
> > + data_offset = (char *)pSMB + offsetof(typeof(*pSMB), hdr.Protocol) + offset;
> > pSMB->ParameterOffset = cpu_to_le16(param_offset);
> > pSMB->DataOffset = cpu_to_le16(offset);
> > pSMB->SetupCount = 1;
>
>
--
Thanks,
Steve
Powered by blists - more mailing lists