[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAN05THRcwWjJiYyBdVuVZrvqgK4VP7LKiNQ=XVMg5oOy5u9kzg@mail.gmail.com>
Date: Wed, 5 Oct 2022 13:30:11 +1000
From: ronnie sahlberg <ronniesahlberg@...il.com>
To: "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc: Steve French <sfrench@...ba.org>, Paulo Alcantara <pc@....nz>,
Ronnie Sahlberg <lsahlber@...hat.com>,
Shyam Prasad N <sprasad@...rosoft.com>,
Tom Talpey <tom@...pey.com>, linux-cifs@...r.kernel.org,
samba-technical@...ts.samba.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] cifs: Replace a couple of one-element arrays with
flexible-array members
On Wed, 5 Oct 2022 at 12:31, Gustavo A. R. Silva <gustavoars@...nel.org> wrote:
>
> One-element arrays are deprecated, and we are replacing them with flexible
> array members instead. So, replace one-element arrays with flexible-array
> member in structs negotiate_req and extended_response, and refactor the
> rest of the code, accordingly.
>
> Also, make use of the DECLARE_FLEX_ARRAY() helper to declare flexible
> array member EncryptionKey in union u. This new helper allows for
> flexible-array members in unions.
>
> Change pointer notation to proper array notation in a call to memcpy()
> where flexible-array member DialectsArray is being used as destination
> argument.
>
> Important to mention is that doing a build before/after this patch results
> in no binary output differences.
Looks good to me.
Reviewed-by me
Thanks for verifying that it does not change the binary utput.
>
> This helps with the ongoing efforts to tighten the FORTIFY_SOURCE
> routines on memcpy() and help us make progress towards globally
> enabling -fstrict-flex-arrays=3 [1].
>
> Link: https://github.com/KSPP/linux/issues/79
> Link: https://github.com/KSPP/linux/issues/229
> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101836 [1]
> Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
> ---
> fs/cifs/cifspdu.h | 7 ++++---
> fs/cifs/cifssmb.c | 2 +-
> 2 files changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h
> index aeba371c4c70..d1abaeea974a 100644
> --- a/fs/cifs/cifspdu.h
> +++ b/fs/cifs/cifspdu.h
> @@ -483,7 +483,7 @@ put_bcc(__u16 count, struct smb_hdr *hdr)
> typedef struct negotiate_req {
> struct smb_hdr hdr; /* wct = 0 */
> __le16 ByteCount;
> - unsigned char DialectsArray[1];
> + unsigned char DialectsArray[];
> } __attribute__((packed)) NEGOTIATE_REQ;
>
> #define MIN_TZ_ADJ (15 * 60) /* minimum grid for timezones in seconds */
> @@ -508,13 +508,14 @@ typedef struct negotiate_rsp {
> __u8 EncryptionKeyLength;
> __u16 ByteCount;
> union {
> - unsigned char EncryptionKey[1]; /* cap extended security off */
> + /* cap extended security off */
> + DECLARE_FLEX_ARRAY(unsigned char, EncryptionKey);
> /* followed by Domain name - if extended security is off */
> /* followed by 16 bytes of server GUID */
> /* then security blob if cap_extended_security negotiated */
> struct {
> unsigned char GUID[SMB1_CLIENT_GUID_SIZE];
> - unsigned char SecurityBlob[1];
> + unsigned char SecurityBlob[];
> } __attribute__((packed)) extended_response;
> } __attribute__((packed)) u;
> } __attribute__((packed)) NEGOTIATE_RSP;
> diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
> index 7aa91e272027..7a808e41b1b8 100644
> --- a/fs/cifs/cifssmb.c
> +++ b/fs/cifs/cifssmb.c
> @@ -465,7 +465,7 @@ CIFSSMBNegotiate(const unsigned int xid,
> for (i = 0; i < CIFS_NUM_PROT; i++) {
> size_t len = strlen(protocols[i].name) + 1;
>
> - memcpy(pSMB->DialectsArray+count, protocols[i].name, len);
> + memcpy(&pSMB->DialectsArray[count], protocols[i].name, len);
> count += len;
> }
> inc_rfc1001_len(pSMB, count);
> --
> 2.34.1
>
Powered by blists - more mailing lists