lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 17 Jul 2023 12:44:01 +0200
From:   "Arnd Bergmann" <arnd@...db.de>
To:     "Andy Shevchenko" <andriy.shevchenko@...el.com>,
        "Arnd Bergmann" <arnd@...nel.org>
Cc:     "Jiri Kosina" <jikos@...nel.org>,
        "Benjamin Tissoires" <benjamin.tissoires@...hat.com>,
        "K. Y. Srinivasan" <kys@...rosoft.com>,
        "Haiyang Zhang" <haiyangz@...rosoft.com>,
        "Wei Liu" <wei.liu@...nel.org>, "Dexuan Cui" <decui@...rosoft.com>,
        "Paulo Miguel Almeida" <paulo.miguel.almeida.rodenas@...il.com>,
        "Michael Kelley (LINUX)" <mikelley@...rosoft.com>,
        "Dawei Li" <set_pte_at@...look.com>,
        "Yang Yingliang" <yangyingliang@...wei.com>,
        Thomas Weißschuh <linux@...ssschuh.net>,
        linux-hyperv@...r.kernel.org, linux-input@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] HID: hyperv: avoid struct memcpy overrun warning

On Mon, Jul 17, 2023, at 11:36, Andy Shevchenko wrote:
> On Wed, Jul 05, 2023 at 04:02:24PM +0200, Arnd Bergmann wrote:
>> From: Arnd Bergmann <arnd@...db.de>
>> 
>> A previous patch addressed the fortified memcpy warning for most
>> builds, but I still see this one with gcc-9:
>
> JFYI: as of today I have run Linux Next with `make W=1 allmodconfig` on x86_64
> and it seems there are still tons of similar issues which break the build.

It's a bit more complex:

- yes, there are lots of warnings for memcpy() read overflow when you
  build allmodconfig kernels with W=1. I have patches for all of these and
  plan to submit them over time.

- This particular one is a memcpy /write/ overflow, i.e. the
  destination type overflows with the length according to gcc's
  understanding of the structures. This warning is enabled even
  without W=1, though it may only show up in certain configurations
  or compiler versions.

      Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ