lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZYKM2+WNOhY54bQS@yujie-X299>
Date: Wed, 20 Dec 2023 14:42:35 +0800
From: Yujie Liu <yujie.liu@...el.com>
To: Kees Cook <keescook@...omium.org>
CC: kernel test robot <lkp@...el.com>, <oe-kbuild-all@...ts.linux.dev>,
	<linux-kernel@...r.kernel.org>
Subject: Re: include/linux/fortify-string.h:52:29: warning:
 '__builtin_strcpy' source argument is the same as destination

On Wed, Dec 20, 2023 at 02:20:52PM +0800, Yujie Liu wrote:
> Hi Kees,
> 
> On Thu, Nov 30, 2023 at 02:11:54PM -0800, Kees Cook wrote:
> > On Thu, Nov 30, 2023 at 12:02:50PM +0800, kernel test robot wrote:
> > > tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
> > > head:   3b47bc037bd44f142ac09848e8d3ecccc726be99
> > > commit: ba38961a069b0d8d03b53218a6c29d737577d448 um: Enable FORTIFY_SOURCE
> > > date:   1 year, 3 months ago
> > > config: um-randconfig-r034-20230830 (https://download.01.org/0day-ci/archive/20231130/202311301039.7i51bZCz-lkp@intel.com/config)
> > > compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
> > > reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231130/202311301039.7i51bZCz-lkp@intel.com/reproduce)
> > > 
> > > If you fix the issue in a separate patch/commit (i.e. not just a new version of
> > > the same patch/commit), kindly add following tags
> > > | Reported-by: kernel test robot <lkp@...el.com>
> > > | Closes: https://lore.kernel.org/oe-kbuild-all/202311301039.7i51bZCz-lkp@intel.com/
> > > 
> > > [...]
> > >    kernel/kallsyms.c: In function '__sprint_symbol.isra.0':
> > > >> include/linux/fortify-string.h:52:29: warning: '__builtin_strcpy' source argument is the same as destination [-Wrestrict]
> > >       52 | #define __underlying_strcpy __builtin_strcpy
> > >          |                             ^
> > >    include/linux/fortify-string.h:567:10: note: in expansion of macro '__underlying_strcpy'
> > >      567 |   return __underlying_strcpy(p, q);
> > >          |          ^~~~~~~~~~~~~~~~~~~
> > 
> > The only strcpy() in __sprint_symbol() is:
> > 
> > 	if (name != buffer)
> > 		strcpy(buffer, name);
> > 
> > Which is explicitly not the same address...
> > 
> > This appears to be a GCC 9 false positive, maybe?
> 
> Sorry for our late reply. We tested this with various versions of gcc,
> and this error disappeared when building with GCC 10 and 11, so it is
> very likely to be a GCC 9 false positive. We will configure the bot to
> use compilers newer than GCC 9 to test um arch.

Sorry, we will keep testing um with GCC 9 and configure the bot to
ignore this specific warning.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ