| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210322160253.4032422-4-arnd@kernel.org>
Date: Mon, 22 Mar 2021 17:02:41 +0100
From: Arnd Bergmann <arnd@...nel.org>
To: linux-kernel@...r.kernel.org, Martin Sebor <msebor@....gnu.org>,
Serge Hallyn <serge@...lyn.com>,
James Morris <jmorris@...ei.org>
Cc: Arnd Bergmann <arnd@...db.de>, x86@...nel.org,
Ning Sun <ning.sun@...el.com>,
Jani Nikula <jani.nikula@...ux.intel.com>,
Kalle Valo <kvalo@...eaurora.org>,
Simon Kelley <simon@...kelleys.org.uk>,
James Smart <james.smart@...adcom.com>,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
Anders Larsen <al@...rsen.net>, Tejun Heo <tj@...nel.org>,
Imre Deak <imre.deak@...el.com>,
linux-arm-kernel@...ts.infradead.org,
tboot-devel@...ts.sourceforge.net, intel-gfx@...ts.freedesktop.org,
dri-devel@...ts.freedesktop.org, ath11k@...ts.infradead.org,
linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
linux-scsi@...r.kernel.org, cgroups@...r.kernel.org,
linux-security-module@...r.kernel.org,
"Eric W. Biederman" <ebiederm@...ssion.com>,
Christian Brauner <christian.brauner@...ntu.com>,
Kees Cook <keescook@...omium.org>,
Miklos Szeredi <mszeredi@...hat.com>,
Tycho Andersen <tycho@...ho.pizza>
Subject: [PATCH 03/11] security: commoncap: fix -Wstringop-overread warning
From: Arnd Bergmann <arnd@...db.de>
gcc-11 introdces a harmless warning for cap_inode_getsecurity:
security/commoncap.c: In function ‘cap_inode_getsecurity’:
security/commoncap.c:440:33: error: ‘memcpy’ reading 16 bytes from a region of size 0 [-Werror=stringop-overread]
440 | memcpy(&nscap->data, &cap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The problem here is that tmpbuf is initialized to NULL, so gcc assumes
it is not accessible unless it gets set by vfs_getxattr_alloc(). This is
a legitimate warning as far as I can tell, but the code is correct since
it correctly handles the error when that function fails.
Add a separate NULL check to tell gcc about it as well.
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
security/commoncap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/commoncap.c b/security/commoncap.c
index 28f4d25480df..9a36ed6dd737 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -400,7 +400,7 @@ int cap_inode_getsecurity(struct user_namespace *mnt_userns,
&tmpbuf, size, GFP_NOFS);
dput(dentry);
- if (ret < 0)
+ if (ret < 0 || !tmpbuf)
return ret;
fs_ns = inode->i_sb->s_user_ns;
--
2.29.2
Powered by blists - more mailing lists