lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 4 Apr 2022 00:30:52 -0700
From:   Ron Economos <w6rz@...cast.net>
To:     linux@...ck-us.net
Cc:     Larry.Finger@...inger.net, gregkh@...uxfoundation.org,
        jslaby@...e.cz, linux-kernel@...r.kernel.org, ogabbay@...nel.org,
        torvalds@...ux-foundation.org
Subject: Re: Linux 5.18-rc1

> On 4/3/22 20:29, Linus Torvalds wrote:
> > On Sun, Apr 3, 2022 at 7:22 PM Guenter Roeck <linux@...ck-us.net> wrote:
> >>
> >> In function '__nat25_add_pppoe_tag',
> >>      inlined from 'nat25_db_handle' at drivers/staging/r8188eu/core/rtw_br_ext.c:479:11:
> >> arch/alpha/include/asm/string.h:22:16: error: '__builtin_memcpy' forming offset [40, 2051] is out of the bounds [0, 40] of object 'tag_buf' with type 'unsigned char[40]'
> >>
> >> Exposed by commit e6148767825c ("Makefile: Enable -Warray-bounds").
> >> Fix at https://lore.kernel.org/lkml/20220403123628.3113382-1-linux@roeck-us.net/
> > 
> > Funky. Apparently nobody else does that pppoe_tag thing, and this
> > driver does it wrong on little-endian, which is the common thing to
> > test.
> > 
> > Your email that you point to is a bit confused, though, in how it says
> > "when building the driver on a big endian system such as alpha".
> > 
> > Alpha is little-endian, not big-endian.
> > 
>
> Oops. Sorry, I thought it was big endian. No idea why. I'll update
> subject and description and resend.
>
> > Now, why it apparently only warns on alpha, I have absolutely no idea.
> > It should warn on other things too afaik, since that
> > 
> >          tag->tag_len = htons(MAGIC_CODE_LEN+RTL_RELAY_TAG_LEN+old_tag_len);
> > 
> > should be visible not just on alpha.
> > 
> Maybe htons() and ntohs() are modeled differently on other architectures,
> and the compiler doesn't see the context ?
>
> > Weird. But your patch looks correct.
This warning also appears on RISC-V RV64 with gcc 11.2.0. The patch 
works good.

Ron

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ