[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202203301249.XsFY2ove-lkp@intel.com>
Date: Wed, 30 Mar 2022 12:18:46 +0800
From: kernel test robot <lkp@...el.com>
To: "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc: kbuild-all@...ts.01.org,
"Gustavo A. R. Silva" <gustavo@...eddedor.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: [gustavoars:testing/kspp-stringop-overflow 7/7]
include/linux/fortify-string.h:41:33: warning: '__builtin_memcpy' writing 6
bytes into a region of size 0 overflows the destination
tree: https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git testing/kspp-stringop-overflow
head: 3801f720ebf09ec3589982fba4138e83b4177fe1
commit: 3801f720ebf09ec3589982fba4138e83b4177fe1 [7/7] Makefile: Enable -Wstringop-overflow globally
config: powerpc-allyesconfig (https://download.01.org/0day-ci/archive/20220330/202203301249.XsFY2ove-lkp@intel.com/config)
compiler: powerpc-linux-gcc (GCC) 11.2.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?id=3801f720ebf09ec3589982fba4138e83b4177fe1
git remote add gustavoars https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git
git fetch --no-tags gustavoars testing/kspp-stringop-overflow
git checkout 3801f720ebf09ec3589982fba4138e83b4177fe1
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=powerpc SHELL=/bin/bash drivers/net/wireless/atmel/ drivers/staging/r8188eu/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
All warnings (new ones prefixed by >>):
In file included from include/linux/string.h:253,
from include/linux/bitmap.h:11,
from include/linux/cpumask.h:12,
from include/linux/smp.h:13,
from include/linux/lockdep.h:14,
from include/linux/rcupdate.h:29,
from include/linux/rculist.h:11,
from include/linux/sched/signal.h:5,
from drivers/staging/r8188eu/core/../include/osdep_service.h:7,
from drivers/staging/r8188eu/core/rtw_recv.c:6:
In function 'memcpy',
inlined from 'wlanhdr_to_ethhdr' at drivers/staging/r8188eu/core/rtw_recv.c:1233:2:
>> include/linux/fortify-string.h:41:33: warning: '__builtin_memcpy' writing 6 bytes into a region of size 0 overflows the destination [-Wstringop-overflow=]
41 | #define __underlying_memcpy __builtin_memcpy
| ^
include/linux/fortify-string.h:225:16: note: in expansion of macro '__underlying_memcpy'
225 | return __underlying_memcpy(p, q, size);
| ^~~~~~~~~~~~~~~~~~~
>> include/linux/fortify-string.h:41:33: warning: '__builtin_memcpy' writing 6 bytes into a region of size 0 overflows the destination [-Wstringop-overflow=]
41 | #define __underlying_memcpy __builtin_memcpy
| ^
include/linux/fortify-string.h:225:16: note: in expansion of macro '__underlying_memcpy'
225 | return __underlying_memcpy(p, q, size);
| ^~~~~~~~~~~~~~~~~~~
--
drivers/net/wireless/atmel/atmel.c: In function 'send_association_request':
>> cc1: warning: writing 4 bytes into a region of size between 18446744073709551613 and 2 [-Wstringop-overflow=]
drivers/net/wireless/atmel/atmel.c:2883:20: note: at offset [4, 6] into destination object 'ap' of size 6
2883 | u8 ap[ETH_ALEN]; /* nothing after here directly accessible */
| ^~
drivers/net/wireless/atmel/atmel.c:2884:20: note: at offset [4, 6] into destination object 'ssid_el_id' of size 1
2884 | u8 ssid_el_id;
| ^~~~~~~~~~
vim +/__builtin_memcpy +41 include/linux/fortify-string.h
3009f891bb9f32 Kees Cook 2021-08-02 26
a28a6e860c6cf2 Francis Laniel 2021-02-25 27 #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
a28a6e860c6cf2 Francis Laniel 2021-02-25 28 extern void *__underlying_memchr(const void *p, int c, __kernel_size_t size) __RENAME(memchr);
a28a6e860c6cf2 Francis Laniel 2021-02-25 29 extern int __underlying_memcmp(const void *p, const void *q, __kernel_size_t size) __RENAME(memcmp);
a28a6e860c6cf2 Francis Laniel 2021-02-25 30 extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t size) __RENAME(memcpy);
a28a6e860c6cf2 Francis Laniel 2021-02-25 31 extern void *__underlying_memmove(void *p, const void *q, __kernel_size_t size) __RENAME(memmove);
a28a6e860c6cf2 Francis Laniel 2021-02-25 32 extern void *__underlying_memset(void *p, int c, __kernel_size_t size) __RENAME(memset);
a28a6e860c6cf2 Francis Laniel 2021-02-25 33 extern char *__underlying_strcat(char *p, const char *q) __RENAME(strcat);
a28a6e860c6cf2 Francis Laniel 2021-02-25 34 extern char *__underlying_strcpy(char *p, const char *q) __RENAME(strcpy);
a28a6e860c6cf2 Francis Laniel 2021-02-25 35 extern __kernel_size_t __underlying_strlen(const char *p) __RENAME(strlen);
a28a6e860c6cf2 Francis Laniel 2021-02-25 36 extern char *__underlying_strncat(char *p, const char *q, __kernel_size_t count) __RENAME(strncat);
a28a6e860c6cf2 Francis Laniel 2021-02-25 37 extern char *__underlying_strncpy(char *p, const char *q, __kernel_size_t size) __RENAME(strncpy);
a28a6e860c6cf2 Francis Laniel 2021-02-25 38 #else
a28a6e860c6cf2 Francis Laniel 2021-02-25 39 #define __underlying_memchr __builtin_memchr
a28a6e860c6cf2 Francis Laniel 2021-02-25 40 #define __underlying_memcmp __builtin_memcmp
a28a6e860c6cf2 Francis Laniel 2021-02-25 @41 #define __underlying_memcpy __builtin_memcpy
a28a6e860c6cf2 Francis Laniel 2021-02-25 42 #define __underlying_memmove __builtin_memmove
a28a6e860c6cf2 Francis Laniel 2021-02-25 43 #define __underlying_memset __builtin_memset
a28a6e860c6cf2 Francis Laniel 2021-02-25 44 #define __underlying_strcat __builtin_strcat
a28a6e860c6cf2 Francis Laniel 2021-02-25 45 #define __underlying_strcpy __builtin_strcpy
a28a6e860c6cf2 Francis Laniel 2021-02-25 46 #define __underlying_strlen __builtin_strlen
a28a6e860c6cf2 Francis Laniel 2021-02-25 47 #define __underlying_strncat __builtin_strncat
a28a6e860c6cf2 Francis Laniel 2021-02-25 48 #define __underlying_strncpy __builtin_strncpy
a28a6e860c6cf2 Francis Laniel 2021-02-25 49 #endif
a28a6e860c6cf2 Francis Laniel 2021-02-25 50
:::::: The code at line 41 was first introduced by commit
:::::: a28a6e860c6cf231cf3c5171c75c342adcd00406 string.h: move fortified functions definitions in a dedicated header.
:::::: TO: Francis Laniel <laniel_francis@...vacyrequired.com>
:::::: CC: Linus Torvalds <torvalds@...ux-foundation.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
Powered by blists - more mailing lists