lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 07 Jul 2017 22:45:12 +0900
From:   OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
To:     Meelis Roos <mroos@...ux.ee>
Cc:     Linux Kernel list <linux-kernel@...r.kernel.org>
Subject: Re: namei_vfat.c array subscript is above array bounds

Meelis Roos <mroos@...ux.ee> writes:

> I do not know if this is old or new, just noticed it scrolling by while 
> compiling current 4.12+git on 32-bit x86.

Which version of compiler?

Well, latest change of namei_vfat.c is Sep, 2016. And I can't reproduce
it by "gcc version 6.3.0 20170516 (Debian 6.3.0-18)".

>   CC [M]  fs/fat/namei_vfat.o
> In file included from ./arch/x86/include/asm/string.h:2:0,
>                  from ./include/linux/string.h:18,
>                  from ./include/linux/bitmap.h:8,
>                  from ./include/linux/cpumask.h:11,
>                  from ./arch/x86/include/asm/cpumask.h:4,
>                  from ./arch/x86/include/asm/msr.h:10,
>                  from ./arch/x86/include/asm/processor.h:20,
>                  from ./arch/x86/include/asm/cpufeature.h:4,
>                  from ./arch/x86/include/asm/thread_info.h:52,
>                  from ./include/linux/thread_info.h:37,
>                  from ./arch/x86/include/asm/preempt.h:6,
>                  from ./include/linux/preempt.h:80,
>                  from ./include/linux/spinlock.h:50,
>                  from ./include/linux/seqlock.h:35,
>                  from ./include/linux/time.h:5,
>                  from ./include/linux/stat.h:18,
>                  from ./include/linux/module.h:10,
>                  from fs/fat/namei_vfat.c:18:
> fs/fat/namei_vfat.c: In function ‘vfat_add_entry’:
> ./arch/x86/include/asm/string_32.h:74:16: warning: array subscript is above array bounds [-Warray-bounds]
>    *((char *)to + 4) = *((char *)from + 4);
>     ~~~~~~~~~~~~^~~~
> ./arch/x86/include/asm/string_32.h:74:16: warning: array subscript is above array bounds [-Warray-bounds]
> ./arch/x86/include/asm/string_32.h:78:17: warning: array subscript is above array bounds [-Warray-bounds]
>    *((short *)to + 2) = *((short *)from + 2);
>     ~~~~~~~~~~~~~^~~~
> ./arch/x86/include/asm/string_32.h:78:17: warning: array subscript is above array bounds [-Warray-bounds]
> ./arch/x86/include/asm/string_32.h:82:15: warning: array subscript is above array bounds [-Warray-bounds]
>    *((int *)to + 1) = *((int *)from + 1);
>     ~~~~~~~~~~~^~~~
> ./arch/x86/include/asm/string_32.h:82:15: warning: array subscript is above array bounds [-Warray-bounds]

-- 
OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ