lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 7 Jul 2017 12:35:48 +0300 (EEST)
From:   Meelis Roos <mroos@...ux.ee>
To:     OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
cc:     Linux Kernel list <linux-kernel@...r.kernel.org>
Subject: namei_vfat.c array subscript is above array bounds

I do not know if this is old or new, just noticed it scrolling by while 
compiling current 4.12+git on 32-bit x86.

  CC [M]  fs/fat/namei_vfat.o
In file included from ./arch/x86/include/asm/string.h:2:0,
                 from ./include/linux/string.h:18,
                 from ./include/linux/bitmap.h:8,
                 from ./include/linux/cpumask.h:11,
                 from ./arch/x86/include/asm/cpumask.h:4,
                 from ./arch/x86/include/asm/msr.h:10,
                 from ./arch/x86/include/asm/processor.h:20,
                 from ./arch/x86/include/asm/cpufeature.h:4,
                 from ./arch/x86/include/asm/thread_info.h:52,
                 from ./include/linux/thread_info.h:37,
                 from ./arch/x86/include/asm/preempt.h:6,
                 from ./include/linux/preempt.h:80,
                 from ./include/linux/spinlock.h:50,
                 from ./include/linux/seqlock.h:35,
                 from ./include/linux/time.h:5,
                 from ./include/linux/stat.h:18,
                 from ./include/linux/module.h:10,
                 from fs/fat/namei_vfat.c:18:
fs/fat/namei_vfat.c: In function ‘vfat_add_entry’:
./arch/x86/include/asm/string_32.h:74:16: warning: array subscript is above array bounds [-Warray-bounds]
   *((char *)to + 4) = *((char *)from + 4);
    ~~~~~~~~~~~~^~~~
./arch/x86/include/asm/string_32.h:74:16: warning: array subscript is above array bounds [-Warray-bounds]
./arch/x86/include/asm/string_32.h:78:17: warning: array subscript is above array bounds [-Warray-bounds]
   *((short *)to + 2) = *((short *)from + 2);
    ~~~~~~~~~~~~~^~~~
./arch/x86/include/asm/string_32.h:78:17: warning: array subscript is above array bounds [-Warray-bounds]
./arch/x86/include/asm/string_32.h:82:15: warning: array subscript is above array bounds [-Warray-bounds]
   *((int *)to + 1) = *((int *)from + 1);
    ~~~~~~~~~~~^~~~
./arch/x86/include/asm/string_32.h:82:15: warning: array subscript is above array bounds [-Warray-bounds]


-- 
Meelis Roos (mroos@...ux.ee)

Powered by blists - more mailing lists