lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKwvOd=qjQxGmRD29DrFjhEpbrDHyTUhRfHKJGJ2i-oo_RvF_A@mail.gmail.com>
Date:   Fri, 8 Jul 2022 16:33:37 -0700
From:   Nick Desaulniers <ndesaulniers@...gle.com>
To:     Justin Stitt <justinstitt@...gle.com>
Cc:     Pablo Neira Ayuso <pablo@...filter.org>,
        Jozsef Kadlecsik <kadlec@...filter.org>,
        Florian Westphal <fw@...len.de>,
        "David S . Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Nathan Chancellor <nathan@...nel.org>,
        Tom Rix <trix@...hat.com>, netfilter-devel@...r.kernel.org,
        coreteam@...filter.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH] netfilter: xt_TPROXY: fix clang -Wformat warnings:

On Thu, Jul 7, 2022 at 12:18 PM Justin Stitt <justinstitt@...gle.com> wrote:
>
> When building with Clang we encounter these warnings:
> | net/netfilter/xt_TPROXY.c:173:5: error: format specifies type 'unsigned
> | char' but the argument has type 'int' [-Werror,-Wformat] tproto,
> | &iph->saddr, ntohs(hp->source),
> -
> | net/netfilter/xt_TPROXY.c:181:4: error: format specifies type 'unsigned
> | char' but the argument has type 'int' [-Werror,-Wformat] tproto,
> | &iph->saddr, ntohs(hp->source),
>
> The format specifier `%hhu` refers to a u8 while tproto is an int. In
> this case we weren't losing any data because ipv6_find_hdr returns an
> int but its return value (nexthdr) is a u8. This u8 gets widened to an
> int when returned from ipv6_find_hdr and assigned to tproto. The
> previous format specifier is functionally fine but still produces a
> warning due to a type mismatch.
>
> The fix is simply to listen to Clang and change `%hhu` to `%d` for both
> instances of the warning.
>
> Link: https://github.com/ClangBuiltLinux/linux/issues/378
> Signed-off-by: Justin Stitt <justinstitt@...gle.com>

Thanks for the patch, this fixes the warning I observe when building
ARCH=arm64 allmodconfig with -Wno-format removed!
Reviewed-by: Nick Desaulniers <ndesaulniers@...gle.com>
Tested-by: Nick Desaulniers <ndesaulniers@...gle.com>

> ---
> It should be noted that for this entire file to build without -Wformat
> warnings you should apply this `ntohs` patch which fixed many, many
> -Wformat warnings in the kernel.
> https://lore.kernel.org/all/20220608223539.470472-1-justinstitt@google.com/
>
>  net/netfilter/xt_TPROXY.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/netfilter/xt_TPROXY.c b/net/netfilter/xt_TPROXY.c
> index 459d0696c91a..5d74abffc94f 100644
> --- a/net/netfilter/xt_TPROXY.c
> +++ b/net/netfilter/xt_TPROXY.c
> @@ -169,7 +169,7 @@ tproxy_tg6_v1(struct sk_buff *skb, const struct xt_action_param *par)
>                    targets on the same rule yet */
>                 skb->mark = (skb->mark & ~tgi->mark_mask) ^ tgi->mark_value;
>
> -               pr_debug("redirecting: proto %hhu %pI6:%hu -> %pI6:%hu, mark: %x\n",
> +               pr_debug("redirecting: proto %d %pI6:%hu -> %pI6:%hu, mark: %x\n",
>                          tproto, &iph->saddr, ntohs(hp->source),
>                          laddr, ntohs(lport), skb->mark);
>
> @@ -177,7 +177,7 @@ tproxy_tg6_v1(struct sk_buff *skb, const struct xt_action_param *par)
>                 return NF_ACCEPT;
>         }
>
> -       pr_debug("no socket, dropping: proto %hhu %pI6:%hu -> %pI6:%hu, mark: %x\n",
> +       pr_debug("no socket, dropping: proto %d %pI6:%hu -> %pI6:%hu, mark: %x\n",
>                  tproto, &iph->saddr, ntohs(hp->source),
>                  &iph->daddr, ntohs(hp->dest), skb->mark);
>
> --
> 2.37.0.rc0.161.g10f37bed90-goog
>


-- 
Thanks,
~Nick Desaulniers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ