lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 30 Jan 2024 08:38:10 -0800
From: Guenter Roeck <linux@...ck-us.net>
To: Helge Deller <deller@....de>, Geert Uytterhoeven <geert@...ux-m68k.org>,
 linux-kernel@...r.kernel.org
Cc: sparclinux@...r.kernel.org, linux-parisc@...r.kernel.org,
 linux-hwmon@...r.kernel.org, intel-xe@...ts.freedesktop.org
Subject: Re: Build regressions/improvements in v6.8-rc2

On 1/29/24 23:49, Helge Deller wrote:
> On 1/29/24 15:58, Guenter Roeck wrote:
>> On 1/29/24 03:06, Geert Uytterhoeven wrote:
>> [ ... ]
>>> parisc-gcc1[23]/parisc-{allmod,def}config
>>>
>>>    + /kisskb/src/drivers/hwmon/pc87360.c: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=]:  => 383:51
>>>
>>
>> The "fix" for this problem would be similar to commit 4265eb062a73 ("hwmon: (pc87360)
>> Bounds check data->innr usage"). The change would be something like
>>
>> -               for (i = 0; i < data->tempnr; i++) {
>> +               for (i = 0; i < min(data->tempnr, ARRAY_SIZE(data->temp_max)); i++) {
>>
>> but that would be purely random because the loop accesses several arrays
>> indexed with i, and tempnr is never >= ARRAY_SIZE(data->temp_max).
>> I kind of resist making such changes to the code just because the compiler
>> is clueless.
> 
> I agree with your analysis.
> But I'm wondering why this warning just seem to appear on parisc.
> I would expect gcc on other platforms to complain as well ?!?
> 

I have seen that problem before, where specifically gcc for x86 doesn't even
generate warnings for really problematic code but gcc for other architectures
does. I never found out what causes this. Don't ask me for examples, I didn't
write it down, forgot specifics, and just accepted it as "one of those things".

Guenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ