| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Sep 2021 12:17:32 +0800
From: kernel test robot <lkp@...el.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: kbuild-all@...ts.01.org, devel@...verdev.osuosl.org,
linux-kernel@...r.kernel.org
Subject: [driver-core:debugfs_cleanup 1/2] fs/d_path.c:59 prepend() warn:
unsigned 'p->len' is never less than zero.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core.git debugfs_cleanup
head: c4535d1b074f3fdd9476e83526d4e9b53f41a7b5
commit: 473082c5bbad92c5909ccf75fb28df699b94de82 [1/2] fs: make d_path-like functions all have unsigned size
config: i386-randconfig-m021-20210929 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
smatch warnings:
fs/d_path.c:59 prepend() warn: unsigned 'p->len' is never less than zero.
vim +59 fs/d_path.c
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 55
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 56 static bool prepend(struct prepend_buffer *p, const char *str, int namelen)
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 57 {
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 58 // Already overflowed?
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 @59 if (p->len < 0)
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 60 return false;
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 61
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 62 // Will overflow?
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 63 if (p->len < namelen) {
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 64 // Fill as much as possible from the end of the name
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 65 str += namelen - p->len;
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 66 p->buf -= p->len;
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 67 prepend_copy(p->buf, str, p->len);
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 68 p->len = -1;
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 69 return false;
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 70 }
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 71
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 72 // Fits fully
ad08ae586586ea9 Al Viro 2021-05-12 73 p->len -= namelen;
ad08ae586586ea9 Al Viro 2021-05-12 74 p->buf -= namelen;
b0cfcdd9b9672ea Linus Torvalds 2021-07-16 75 return prepend_copy(p->buf, str, namelen);
7a5cf791a747640 Al Viro 2018-03-05 76 }
7a5cf791a747640 Al Viro 2018-03-05 77
:::::: The code at line 59 was first introduced by commit
:::::: b0cfcdd9b9672ea90642f33d6c0dd8516553adf2 d_path: make 'prepend()' fill up the buffer exactly on overflow
:::::: TO: Linus Torvalds <torvalds@...ux-foundation.org>
:::::: CC: Linus Torvalds <torvalds@...ux-foundation.org>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Download attachment ".config.gz" of type "application/gzip" (35352 bytes)
Powered by blists - more mailing lists