Date:   Thu, 18 Oct 2018 15:08:34 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Dan Carpenter' <dan.carpenter@...cle.com>,
        "kys@...rosoft.com" <kys@...rosoft.com>
CC:     "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "devel@...uxdriverproject.org" <devel@...uxdriverproject.org>,
        "olaf@...fle.de" <olaf@...fle.de>,
        "apw@...onical.com" <apw@...onical.com>,
        "jasowang@...hat.com" <jasowang@...hat.com>,
        "sthemmin@...rosoft.com" <sthemmin@...rosoft.com>,
        "Michael.H.Kelley@...rosoft.com" <Michael.H.Kelley@...rosoft.com>,
        "vkuznets@...hat.com" <vkuznets@...hat.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>
Subject: RE: [PATCH V2 5/5] Tools: hv: kvp: Fix a warning of buffer overflow
 with gcc 8.0.1

From: Dan Carpenter
> Sent: 18 October 2018 07:33
> 
> On Thu, Oct 18, 2018 at 05:09:32AM +0000, kys@...uxonhyperv.com wrote:
> > From: Dexuan Cui <decui@...rosoft.com>
> >
> > The patch fixes:
> >
> > hv_kvp_daemon.c: In function 'kvp_set_ip_info':
> > hv_kvp_daemon.c:1305:2: note: 'snprintf' output between 41 and 4136 bytes
> > into a destination of size 4096
> >
> > The "(unsigned int)str_len" is to avoid:
> >
> > hv_kvp_daemon.c:1309:30: warning: comparison of integer expressions of
> > different signedness: 'int' and 'long unsigned int' [-Wsign-compare]

I usually use 'str_len + 0u' rather than a cast.

> Ugh...  Any tool with the most basic flow analysis would realize this
> was a false positive.  We use at least three static analyzers which
> catch signedness bugs.  Can we turn off GCC's warning on this until they
> improve it a bit?

Yes, would be nice if it attempted to follow the valid domain of variables.

I recently had to change:
	unsigned char a, b;
	unsigned int c;
	...
	if (a + b < c)
To stop a 'signedness' warning.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
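
The two idioms discussed in this message, as an added example that is not code from the patch or from anyone in the thread. join_path() and sum_below() are hypothetical names, and the truncation check is assumed to compare snprintf()'s int return value with a size_t buffer size, as the quoted warning implies.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical helper (not from hv_kvp_daemon.c): format "prefix/name"
 * into dst and report truncation instead of silently cutting the string. */
static int join_path(char *dst, size_t size, const char *prefix,
		     const char *name)
{
	int str_len = snprintf(dst, size, "%s/%s", prefix, name);

	if (str_len < 0)
		return -1;	/* output error */

	/* str_len is known to be non-negative here, so converting it to
	 * unsigned preserves its value. 'str_len + 0u' performs the same
	 * conversion as '(unsigned int)str_len' without a cast, and the
	 * comparison with the unsigned size no longer mixes signedness. */
	if (str_len + 0u >= size)
		return -1;	/* did not fit; dst holds a truncated string */

	return str_len;
}

/* unsigned char operands are promoted to int, so 'a + b' is a signed int
 * and comparing it with an unsigned int draws -Wsign-compare. Adding 0u
 * makes the sum unsigned; a + b is at most 510, so the value is unchanged. */
static int sum_below(unsigned char a, unsigned char b, unsigned int c)
{
	return a + b + 0u < c;
}

int main(void)
{
	char buf[16];

	/* Constructed sample inputs. */
	printf("%d\n", join_path(buf, sizeof(buf), "/etc", "hosts"));
	printf("%d\n", join_path(buf, sizeof(buf), "/etc/sysconfig",
				 "network-scripts"));
	printf("%d\n", sum_below(200, 100, 301));
	return 0;
}
```

Without the negative-return check, converting a negative str_len to unsigned would yield a very large value; the check makes the conversion safe by construction rather than by accident.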
