lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <24d66dd2-1ee8-bf2e-376c-61f7e6c1729e@csgroup.eu>
Date:   Wed, 9 Aug 2023 08:15:53 +0000
From:   Christophe Leroy <christophe.leroy@...roup.eu>
To:     Kees Cook <keescook@...omium.org>
CC:     "oe-kbuild-all@...ts.linux.dev" <oe-kbuild-all@...ts.linux.dev>,
        kernel test robot <lkp@...el.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Michael Ellerman <mpe@...erman.id.au>,
        Rohan McLure <rmclure@...ux.ibm.com>
Subject: Re: include/linux/seq_file.h:263:9: warning: 'strncpy' output may be
 truncated copying 4 bytes from a string of length 4

Hi Kees,
Le 25/07/2023 à 13:24, kernel test robot a écrit :

> Hi Rohan,
> 
> FYI, the error/warning was bisected to this commit, please ignore it if it's irrelevant.
> 
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> head:   0b5547c51827e053cc754db47d3ec3e6c2c451d2
> commit: 95567f46b4d20c047750a5e3029461afcdc67697 powerpc/{32,book3e}: kcsan: Extend KCSAN Support
> date:   7 weeks ago
> config: powerpc-randconfig-r015-20230725 (https://download.01.org/0day-ci/archive/20230725/202307251906.lXcLGKvG-lkp@intel.com/config)
> compiler: powerpc-linux-gcc (GCC) 12.3.0
> reproduce: (https://download.01.org/0day-ci/archive/20230725/202307251906.lXcLGKvG-lkp@intel.com/reproduce)
> 
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@...el.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202307251906.lXcLGKvG-lkp@intel.com/

Not sure what the problem is, I've looked at it at everything seems correct.

You wrote seq_show_option_n(), any idea what the problem is ?

Thanks
Christophe



> 
> All warnings (new ones prefixed by >>):
> 
>     In file included from include/linux/seq_file_net.h:5,
>                      from include/net/net_namespace.h:193,
>                      from include/linux/inet.h:42,
>                      from fs/ocfs2/super.c:21:
>     fs/ocfs2/super.c: In function 'ocfs2_show_options':
>>> include/linux/seq_file.h:263:9: warning: 'strncpy' output may be truncated copying 4 bytes from a string of length 4 [-Wstringop-truncation]
>       263 |         strncpy(val_buf, value, length);                \
>           |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>     fs/ocfs2/super.c:1518:17: note: in expansion of macro 'seq_show_option_n'
>      1518 |                 seq_show_option_n(s, "cluster_stack", osb->osb_cluster_stack,
>           |                 ^~~~~~~~~~~~~~~~~
> 
> 
> vim +/strncpy +263 include/linux/seq_file.h
> 
> a068acf2ee7769 Kees Cook 2015-09-04  249
> a068acf2ee7769 Kees Cook 2015-09-04  250  /**
> a068acf2ee7769 Kees Cook 2015-09-04  251   * seq_show_option_n - display mount options with appropriate escapes
> a068acf2ee7769 Kees Cook 2015-09-04  252   *		       where @value must be a specific length.
> a068acf2ee7769 Kees Cook 2015-09-04  253   * @m: the seq_file handle
> a068acf2ee7769 Kees Cook 2015-09-04  254   * @name: the mount option name
> a068acf2ee7769 Kees Cook 2015-09-04  255   * @value: the mount option name's value, cannot be NULL
> a068acf2ee7769 Kees Cook 2015-09-04  256   * @length: the length of @value to display
> a068acf2ee7769 Kees Cook 2015-09-04  257   *
> a068acf2ee7769 Kees Cook 2015-09-04  258   * This is a macro since this uses "length" to define the size of the
> a068acf2ee7769 Kees Cook 2015-09-04  259   * stack buffer.
> a068acf2ee7769 Kees Cook 2015-09-04  260   */
> a068acf2ee7769 Kees Cook 2015-09-04  261  #define seq_show_option_n(m, name, value, length) {	\
> a068acf2ee7769 Kees Cook 2015-09-04  262  	char val_buf[length + 1];			\
> a068acf2ee7769 Kees Cook 2015-09-04 @263  	strncpy(val_buf, value, length);		\
> a068acf2ee7769 Kees Cook 2015-09-04  264  	val_buf[length] = '\0';				\
> a068acf2ee7769 Kees Cook 2015-09-04  265  	seq_show_option(m, name, val_buf);		\
> a068acf2ee7769 Kees Cook 2015-09-04  266  }
> a068acf2ee7769 Kees Cook 2015-09-04  267
> 
> :::::: The code at line 263 was first introduced by commit
> :::::: a068acf2ee77693e0bf39d6e07139ba704f461c3 fs: create and use seq_show_option for escaping
> 
> :::::: TO: Kees Cook <keescook@...omium.org>
> :::::: CC: Linus Torvalds <torvalds@...ux-foundation.org>
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ