lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 29 Jan 2024 06:58:49 -0800
From: Guenter Roeck <linux@...ck-us.net>
To: Geert Uytterhoeven <geert@...ux-m68k.org>, linux-kernel@...r.kernel.org
Cc: sparclinux@...r.kernel.org, linux-parisc@...r.kernel.org,
 linux-hwmon@...r.kernel.org, intel-xe@...ts.freedesktop.org
Subject: Re: Build regressions/improvements in v6.8-rc2

On 1/29/24 03:06, Geert Uytterhoeven wrote:
[ ... ]
> parisc-gcc1[23]/parisc-{allmod,def}config
> 
>    + /kisskb/src/drivers/hwmon/pc87360.c: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=]:  => 383:51
> 

The "fix" for this problem would be similar to commit 4265eb062a73 ("hwmon: (pc87360)
Bounds check data->innr usage"). The change would be something like

-               for (i = 0; i < data->tempnr; i++) {
+               for (i = 0; i < min(data->tempnr, ARRAY_SIZE(data->temp_max)); i++) {

but that would be purely random because the loop accesses several arrays
indexed with i, and tempnr is never >= ARRAY_SIZE(data->temp_max).
I kind of resist making such changes to the code just because the compiler
is clueless.

Are we sprinkling the kernel code with code like this to make the compiler happy ?

Guenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ