lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fe0739cbe279cf9db2ebff1146e7ae540cc1ad6c.camel@linux.ibm.com>
Date:   Tue, 30 May 2023 17:36:06 -0400
From:   James Bottomley <jejb@...ux.ibm.com>
To:     "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        James Smart <james.smart@...adcom.com>,
        Dick Kennedy <dick.kennedy@...adcom.com>,
        "Martin K. Petersen" <martin.petersen@...cle.com>
Cc:     linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] scsi: lpfc: Avoid -Wstringop-overflow warning

On Tue, 2023-05-30 at 15:30 -0600, Gustavo A. R. Silva wrote:
> Avoid confusing the compiler about possible negative sizes.
> Use size_t instead of int for variables size and copied.
> 
> Address the following warning found with GCC-13:
> In function ‘lpfc_debugfs_ras_log_data’,
>     inlined from ‘lpfc_debugfs_ras_log_open’ at
> drivers/scsi/lpfc/lpfc_debugfs.c:2271:15:
> drivers/scsi/lpfc/lpfc_debugfs.c:2210:25: warning: ‘memcpy’ specified
> bound between 18446744071562067968 and 18446744073709551615 exceeds
> maximum object size 9223372036854775807 [-Wstringop-overflow=]
>  2210 |                         memcpy(buffer + copied, dmabuf->virt,
>       |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  2211 |                                size - copied - 1);
>       |                                ~~~~~~~~~~~~~~~~~~
> 

This looks like a compiler bug to me and your workaround would have us
using unsigned types everywhere for sizes, which seems wrong.  There
are calls which return size or error for which we have ssize_t and that
type has to be usable in things like memcpy, so the compiler must be
fixed or the warning disabled.

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ