lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 20 Sep 2021 15:18:50 +0000
From:   SeongJae Park <sj@...nel.org>
To:     Arnd Bergmann <arnd@...nel.org>
Cc:     SeongJae Park <sjpark@...zon.de>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Brendan Higgins <brendanhiggins@...gle.com>,
        Arnd Bergmann <arnd@...db.de>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm/damon: fix stringop-overread warning in kunit test

On Mon, 20 Sep 2021 12:01:23 +0200 Arnd Bergmann <arnd@...nel.org> wrote:

> From: Arnd Bergmann <arnd@...db.de>
> 
> gcc-11 points out that strnlen() with a fixed length on a constant
> input makes no sense:
> 
> In file included from mm/damon/dbgfs.c:623:
> mm/damon/dbgfs-test.h: In function 'damon_dbgfs_test_str_to_target_ids':
> mm/damon/dbgfs-test.h:23:47: error: 'strnlen' specified bound 128 exceeds source size 4 [-Werror=stringop-overread]
>    23 |         answers = str_to_target_ids(question, strnlen(question, 128),
>       |                                               ^~~~~~~~~~~~~~~~~~~~~~
> mm/damon/dbgfs-test.h:30:47: error: 'strnlen' specified bound 128 exceeds source size 7 [-Werror=stringop-overread]
>    30 |         answers = str_to_target_ids(question, strnlen(question, 128),
>       |                                               ^~~~~~~~~~~~~~~~~~~~~~
> mm/damon/dbgfs-test.h:37:47: error: 'strnlen' specified bound 128 exceeds source size 5 [-Werror=stringop-overread]
>    37 |         answers = str_to_target_ids(question, strnlen(question, 128),
>       |                                               ^~~~~~~~~~~~~~~~~~~~~~
> 
> Use a plain strlen() instead.
> 
> Fixes: 17ccae8bb5c9 ("mm/damon: add kunit tests")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>

Thank you for the patch!  However, a same change has already merged[1] in -mm.
Sorry for that.

[1] https://lore.kernel.org/mm-commits/20210915033531.IdrhacHQk%25akpm@linux-foundation.org/


Thanks,
SJ

[...]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ