lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 19 Feb 2018 01:01:50 +0100
From:   Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To:     David Rientjes <rientjes@...gle.com>
Cc:     mingo@...nel.org, jpoimboe@...hat.com,
        Kees Cook <keescook@...omium.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Geert Uytterhoeven <geert@...ux-m68k.org>,
        Greg KH <gregkh@...uxfoundation.org>, thomas.lendacky@....com,
        will.deacon@....com, linux-kernel <linux-kernel@...r.kernel.org>,
        Willy Tarreau <w@....eu>,
        Xiongfeng Wang <wangxiongfeng2@...wei.com>,
        Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH] Support the nonstring variable attribute (gcc >= 8)

On Mon, Feb 19, 2018 at 12:20 AM, David Rientjes <rientjes@...gle.com> wrote:
> On Sat, 17 Feb 2018, Miguel Ojeda wrote:
>
>> From the GCC manual:
>>
>> The nonstring variable attribute specifies that an object or member
>> declaration with type array of char or pointer to char is intended to
>> store character arrays that do not necessarily contain a terminating NUL
>> character. This is useful in detecting uses of such arrays or pointers
>> with functions that expect NUL-terminated strings, and to avoid warnings
>> when such an array or pointer is used as an argument to a bounded string
>> manipulation function such as strncpy.
>>
>>   https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
>>
>> Some reports are already coming to the LKML regarding these
>> warnings. When they are false positives, we can use __nonstring to let
>> gcc know a NUL character is not required; like in this case:
>>
>>   https://lkml.org/lkml/2018/1/16/135
>>
>> Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
>> Cc: Ingo Molnar <mingo@...nel.org>
>> Cc: Josh Poimboeuf <jpoimboe@...hat.com>
>> Cc: Kees Cook <keescook@...omium.org>
>> Cc: Andrew Morton <akpm@...ux-foundation.org>
>> Cc: Geert Uytterhoeven <geert@...ux-m68k.org>
>> Cc: Will Deacon <will.deacon@....com>
>> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>> Cc: David Rientjes <rientjes@...gle.com>
>
> I would have expected to have seen __nonstring used somewhere as part of
> this patch.

Do you mean to expand the commit message with an actual code example
instead of the links to the docs and the discussion about the report?
Otherwise, if you mean in the actual commit, I think in that case it
should be a patch series, not a single commit.

In any case, the key point here is to agree on the short-term policy:
i.e. whether we want to disable the upcoming warning or try to take
advantage of it (which not *necessarily* implies using __nonstring,
there are other workarounds; though where applicable, __nonstring is
probably the right thing to use).

[By the way, CC'ing Xiongfeng, Willy and Arnd, since they were
involved in the example report; sorry guys!].

Cheers,
Miguel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ