| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Mar 2021 17:02:42 +0100
From: Arnd Bergmann <arnd@...nel.org>
To: linux-kernel@...r.kernel.org, Martin Sebor <msebor@....gnu.org>,
Kalle Valo <kvalo@...eaurora.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>
Cc: Arnd Bergmann <arnd@...db.de>, x86@...nel.org,
Ning Sun <ning.sun@...el.com>,
Jani Nikula <jani.nikula@...ux.intel.com>,
Simon Kelley <simon@...kelleys.org.uk>,
James Smart <james.smart@...adcom.com>,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
Anders Larsen <al@...rsen.net>, Tejun Heo <tj@...nel.org>,
Serge Hallyn <serge@...lyn.com>,
Imre Deak <imre.deak@...el.com>,
linux-arm-kernel@...ts.infradead.org,
tboot-devel@...ts.sourceforge.net, intel-gfx@...ts.freedesktop.org,
dri-devel@...ts.freedesktop.org, ath11k@...ts.infradead.org,
linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
linux-scsi@...r.kernel.org, cgroups@...r.kernel.org,
linux-security-module@...r.kernel.org,
Carl Huang <cjhuang@...eaurora.org>,
Maharaja Kennadyrajan <mkenna@...eaurora.org>,
Pradeep Kumar Chitrapu <pradeepc@...eaurora.org>,
Johannes Berg <johannes.berg@...el.com>,
Ritesh Singh <ritesi@...eaurora.org>,
Rajkumar Manoharan <rmanohar@...eaurora.org>,
Aloka Dixit <alokad@...eaurora.org>,
Felix Fietkau <nbd@....name>
Subject: [PATCH 04/11] ath11: Wstringop-overread warning
From: Arnd Bergmann <arnd@...db.de>
gcc-11 with the kernel address sanitizer prints a warning for this
driver:
In function 'ath11k_peer_assoc_h_vht',
inlined from 'ath11k_peer_assoc_prepare' at drivers/net/wireless/ath/ath11k/mac.c:1632:2:
drivers/net/wireless/ath/ath11k/mac.c:1164:13: error: 'ath11k_peer_assoc_h_vht_masked' reading 16 bytes from a region of size 4 [-Werror=stringop-overread]
1164 | if (ath11k_peer_assoc_h_vht_masked(vht_mcs_mask))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/net/wireless/ath/ath11k/mac.c: In function 'ath11k_peer_assoc_prepare':
drivers/net/wireless/ath/ath11k/mac.c:1164:13: note: referencing argument 1 of type 'const u16 *' {aka 'const short unsigned int *'}
drivers/net/wireless/ath/ath11k/mac.c:969:1: note: in a call to function 'ath11k_peer_assoc_h_vht_masked'
969 | ath11k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
According to analysis from gcc developers, this is a glitch in the
way gcc tracks the size of struct members. This should really get
fixed in gcc, but it's also easy to work around this instance
by changing the function prototype to no include the length of
the array.
Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99673
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
drivers/net/wireless/ath/ath11k/mac.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/wireless/ath/ath11k/mac.c b/drivers/net/wireless/ath/ath11k/mac.c
index b391169576e2..5cb7ed53f3c4 100644
--- a/drivers/net/wireless/ath/ath11k/mac.c
+++ b/drivers/net/wireless/ath/ath11k/mac.c
@@ -966,7 +966,7 @@ ath11k_peer_assoc_h_ht_masked(const u8 ht_mcs_mask[IEEE80211_HT_MCS_MASK_LEN])
}
static bool
-ath11k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
+ath11k_peer_assoc_h_vht_masked(const u16 vht_mcs_mask[])
{
int nss;
--
2.29.2
Powered by blists - more mailing lists