lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20200311163800.a264d4ec8f26cca7bb5046fb@linux-foundation.org>
Date:   Wed, 11 Mar 2020 16:38:00 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Walter Wu <walter-zh.wu@...iatek.com>
Cc:     Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Alexander Potapenko <glider@...gle.com>,
        Dmitry Vyukov <dvyukov@...gle.com>, Qian Cai <cai@....pw>,
        Stephen Rothwell <sfr@...b.auug.org.au>,
        <kasan-dev@...glegroups.com>, <linux-mm@...ck.org>,
        <linux-kernel@...r.kernel.org>,
        <linux-arm-kernel@...ts.infradead.org>,
        wsd_upstream <wsd_upstream@...iatek.com>
Subject: Re: [PATCH -next] kasan: fix -Wstringop-overflow warning

On Wed, 11 Mar 2020 21:42:44 +0800 Walter Wu <walter-zh.wu@...iatek.com> wrote:

> Compiling with gcc-9.2.1 points out below warnings.
> 
> In function 'memmove',
>     inlined from 'kmalloc_memmove_invalid_size' at lib/test_kasan.c:301:2:
> include/linux/string.h:441:9: warning: '__builtin_memmove' specified
> bound 18446744073709551614 exceeds maximum object size
> 9223372036854775807 [-Wstringop-overflow=]
> 
> Why generate this warnings?
> Because our test function deliberately pass a negative number in memmove(),
> so we need to make it "volatile" so that compiler doesn't see it.
> 
> ...
>
> --- a/lib/test_kasan.c
> +++ b/lib/test_kasan.c
> @@ -289,6 +289,7 @@ static noinline void __init kmalloc_memmove_invalid_size(void)
>  {
>  	char *ptr;
>  	size_t size = 64;
> +	volatile size_t invalid_size = -2;
>  
>  	pr_info("invalid size in memmove\n");
>  	ptr = kmalloc(size, GFP_KERNEL);
> @@ -298,7 +299,7 @@ static noinline void __init kmalloc_memmove_invalid_size(void)
>  	}
>  
>  	memset((char *)ptr, 0, 64);
> -	memmove((char *)ptr, (char *)ptr + 4, -2);
> +	memmove((char *)ptr, (char *)ptr + 4, invalid_size);
>  	kfree(ptr);
>  }

Huh.  Why does this trick suppress the warning?

Do we have any guarantee that this it will contiue to work in future
gcc's?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ