| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Oct 2019 23:15:39 +0300
From: Denis Efremov <efremov@...ux.com>
To: Dan Carpenter <dan.carpenter@...cle.com>
Cc: David Laight <David.Laight@...LAB.COM>,
"devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>,
Jes Sorensen <jes.sorensen@...il.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
Hans de Goede <hdegoede@...hat.com>,
Bastien Nocera <hadess@...ess.net>,
Dmitry Vyukov <dvyukov@...gle.com>,
Larry Finger <Larry.Finger@...inger.net>
Subject: Re: [PATCH] staging: rtl8723bs: hal: Fix memcpy calls
On 01.10.2019 21:58, Dan Carpenter wrote:
> On Tue, Oct 01, 2019 at 06:13:21PM +0300, Denis Efremov wrote:
>> Just found an official documentation to this issue:
>> https://gcc.gnu.org/gcc-4.9/porting_to.html
>> "Null pointer checks may be optimized away more aggressively
>> ...
>> The pointers passed to memmove (and similar functions in <string.h>) must be non-null
>> even when nbytes==0, so GCC can use that information to remove the check after the
>> memmove call. Calling copy(p, NULL, 0) can therefore deference a null pointer and crash."
>>
>
> Correct. In glibc those functions are annotated as non-NULL.
>
> extern void *memcpy (void *__restrict __dest, const void *__restrict __src,
> size_t __n) __THROW __nonnull ((1, 2));
>
> We aren't going to do that in the kernel. A second difference is that
> in the kernel we use -fno-delete-null-pointer-checks so it doesn't
> delete the NULL checks.
>
Thank you for the clarification. This is really helpful.
Best regards,
Denis
Powered by blists - more mailing lists