lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 20 Dec 2023 14:20:52 +0800
From: Yujie Liu <yujie.liu@...el.com>
To: Kees Cook <keescook@...omium.org>
CC: kernel test robot <lkp@...el.com>, <oe-kbuild-all@...ts.linux.dev>,
	<linux-kernel@...r.kernel.org>
Subject: Re: include/linux/fortify-string.h:52:29: warning:
 '__builtin_strcpy' source argument is the same as destination

Hi Kees,

On Thu, Nov 30, 2023 at 02:11:54PM -0800, Kees Cook wrote:
> On Thu, Nov 30, 2023 at 12:02:50PM +0800, kernel test robot wrote:
> > tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> > head:   3b47bc037bd44f142ac09848e8d3ecccc726be99
> > commit: ba38961a069b0d8d03b53218a6c29d737577d448 um: Enable FORTIFY_SOURCE
> > date:   1 year, 3 months ago
> > config: um-randconfig-r034-20230830 (https://download.01.org/0day-ci/archive/20231130/202311301039.7i51bZCz-lkp@intel.com/config)
> > compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
> > reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231130/202311301039.7i51bZCz-lkp@intel.com/reproduce)
> > 
> > If you fix the issue in a separate patch/commit (i.e. not just a new version of
> > the same patch/commit), kindly add following tags
> > | Reported-by: kernel test robot <lkp@...el.com>
> > | Closes: https://lore.kernel.org/oe-kbuild-all/202311301039.7i51bZCz-lkp@intel.com/
> > 
> > [...]
> >    kernel/kallsyms.c: In function '__sprint_symbol.isra.0':
> > >> include/linux/fortify-string.h:52:29: warning: '__builtin_strcpy' source argument is the same as destination [-Wrestrict]
> >       52 | #define __underlying_strcpy __builtin_strcpy
> >          |                             ^
> >    include/linux/fortify-string.h:567:10: note: in expansion of macro '__underlying_strcpy'
> >      567 |   return __underlying_strcpy(p, q);
> >          |          ^~~~~~~~~~~~~~~~~~~
> 
> The only strcpy() in __sprint_symbol() is:
> 
> 	if (name != buffer)
> 		strcpy(buffer, name);
> 
> Which is explicitly not the same address...
> 
> This appears to be a GCC 9 false positive, maybe?

Sorry for our late reply. We tested this with various versions of gcc,
and this error disappeared when building with GCC 10 and 11, so it is
very likely to be a GCC 9 false positive. We will configure the bot to
use compilers newer than GCC 9 to test um arch.

Thanks,
Yujie

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ