lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210331045357.GV351017@casper.infradead.org>
Date:   Wed, 31 Mar 2021 05:53:57 +0100
From:   Matthew Wilcox <willy@...radead.org>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] hfsplus: Fix out-of-bounds warnings in
 __hfsplus_setxattr

On Tue, Mar 30, 2021 at 09:43:20PM -0700, Andrew Morton wrote:
> On Tue, 30 Mar 2021 09:52:26 -0500 "Gustavo A. R. Silva" <gustavoars@...nel.org> wrote:
> 
> > Fix the following out-of-bounds warnings by enclosing
> > structure members file and finder into new struct info:
> > 
> > fs/hfsplus/xattr.c:300:5: warning: 'memcpy' offset [65, 80] from the object at 'entry' is out of the bounds of referenced subobject 'user_info' with type 'struct DInfo' at offset 48 [-Warray-bounds]
> > fs/hfsplus/xattr.c:313:5: warning: 'memcpy' offset [65, 80] from the object at 'entry' is out of the bounds of referenced subobject 'user_info' with type 'struct FInfo' at offset 48 [-Warray-bounds]
> > 
> > Refactor the code by making it more "structured."
> > 
> > Also, this helps with the ongoing efforts to enable -Warray-bounds and
> > makes the code clearer and avoid confusing the compiler.
> 
> Confused.  What was wrong with the old code?  Was this warning
> legitimate and if so, why?  Or is this patch a workaround for a
> compiler shortcoming?

The offending line is this:

-                               memcpy(&entry.file.user_info, value,
+                               memcpy(&entry.file.info, value,
                                                file_finderinfo_len);

what it's trying to do is copy two structs which are adjacent to each
other in a single call to memcpy().  gcc legitimately complains that the
memcpy to this struct overruns the bounds of the struct.  What Gustavo
has done here is introduce a new struct that contains the two structs,
and now gcc is happy that the memcpy doesn't overrun the length of this
containing struct.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ