| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aSR1FU6uCqpOUFeb@smile.fi.intel.com> Date: Mon, 24 Nov 2025 17:09:09 +0200 From: "andriy.shevchenko@...ux.intel.com" <andriy.shevchenko@...ux.intel.com> To: Viacheslav Dubeyko <Slava.Dubeyko@....com> Cc: Xiubo Li <xiubli@...hat.com>, "justinstitt@...gle.com" <justinstitt@...gle.com>, "llvm@...ts.linux.dev" <llvm@...ts.linux.dev>, "ceph-devel@...r.kernel.org" <ceph-devel@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "nathan@...nel.org" <nathan@...nel.org>, "morbo@...gle.com" <morbo@...gle.com>, "idryomov@...il.com" <idryomov@...il.com>, "nick.desaulniers+lkml@...il.com" <nick.desaulniers+lkml@...il.com> Subject: Re: [PATCH v1 1/1] ceph: Amend checking to fix `make W=1` build breakage On Mon, Nov 10, 2025 at 08:42:13PM +0000, Viacheslav Dubeyko wrote: > On Mon, 2025-11-10 at 21:43 +0200, andriy.shevchenko@...ux.intel.com wrote: > > On Mon, Nov 10, 2025 at 07:37:13PM +0000, Viacheslav Dubeyko wrote: > > > On Mon, 2025-11-10 at 15:44 +0100, Andy Shevchenko wrote: > > > > In a few cases the code compares 32-bit value to a SIZE_MAX derived > > > > constant which is much higher than that value on 64-bit platforms, > > > > Clang, in particular, is not happy about this > > > > > > > > fs/ceph/snap.c:377:10: error: result of comparison of constant 2305843009213693948 with expression of type 'u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare] > > > > 377 | if (num > (SIZE_MAX - sizeof(*snapc)) / sizeof(u64)) > > > > | ~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > > > > Fix this by casting to size_t. Note, that possible replacement of SIZE_MAX > > > > by U32_MAX may lead to the behaviour changes on the corner cases. > > > > ... > > > > > > - if (num > (SIZE_MAX - sizeof(*snapc)) / sizeof(u64)) > > > > + if ((size_t)num > (SIZE_MAX - sizeof(*snapc)) / sizeof(u64)) > > > > > > The same question is here. Does it makes sense to declare num as size_t? Could > > > it be more clean solution? Or could it introduce another warnings/errors? > > > > Maybe. Or even maybe the U32_MAX is the way to go: Does anybody check those > > corner cases? Are those never tested? Potential (security) bug? > > > > ... > > > > Whatever you find, in case if it will be not the proposed solution as is, > > consider these patches as Reported-by. > > > > And thanks for the reviews! > > I think we can take the patch as it. It looks good. Probably, it makes sense to > take a deeper look in the code on our side. > > Reviewed-by: Viacheslav Dubeyko <Slava.Dubeyko@....com> Thanks, can this be applied? My builds are still broken. -- With Best Regards, Andy Shevchenko
Powered by blists - more mailing lists