[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <202402161343.DC688FDB@keescook>
Date: Fri, 16 Feb 2024 13:45:52 -0800
From: Kees Cook <keescook@...omium.org>
To: "Gustavo A . R . Silva" <gustavoars@...nel.org>
Cc: Nathan Chancellor <nathan@...nel.org>, linux-hardening@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fortify: Include more details when reporting overflows
On Fri, Feb 16, 2024 at 12:39:41PM -0800, Kees Cook wrote:
> When a memcpy() would exceed the length of an entire structure, no
> detailed WARN would be emitted, making debugging a bit more challenging.
> Similarly, other buffer overflow reports would have no size information
> reported.
>
> Always warn for memcpy() overflows, but distinguish between the two
> cases in the message before continuing (warn-only) or blocking the copy
> (hard-fail). Additionally add size information to existing overflow
> reports.
>
> Signed-off-by: Kees Cook <keescook@...omium.org>
This will need a v2 ... something in my manipulations is triggering a
bizarre warning in Clang:
./fs/dlm/rcom.c:490:13: error: member reference type 'int' is not a pointer
490 | memcpy(rc->rc_buf, rc_in->rc_buf, sizeof(struct rcom_lock));
| ~~ ^
./include/linux/fortify-string.h:636:47: note: expanded from macro 'memcpy'
636 | #define memcpy(p, q, s) __fortify_memcpy_chk(p, q, s, \
| ^
./include/linux/fortify-string.h:591:20: note: expanded from macro '__fortify_memcpy_chk'
591 | __underlying_##op(p, q, __fortify_size); \
| ^
I'll track it down...
--
Kees Cook
Powered by blists - more mailing lists