| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <299db7b3-dc90-18b6-759e-08d36eed3539@gmail.com> Date: Fri, 21 Sep 2018 08:54:21 -0700 From: David Ahern <dsahern@...il.com> To: Florian Westphal <fw@...len.de>, netdev@...r.kernel.org Subject: Re: [PATCH ipsec] net: xfrm: pass constant family to nf_hook function On 9/21/18 3:35 AM, Florian Westphal wrote: > Unfortunately some versions of gcc emit following warning: > linux/compiler.h:252:20: warning: array subscript is above array bounds [-Warray-bounds] > hook_head = rcu_dereference(net->nf.hooks_arp[hook]); > ^~~~~~~~~~~~~~~~~~~~~ > xfrm_output_resume passes non-const 'pf' argument so compiler can't know > that the affected statement above will never be executed (we only > pass either NFPROTO_IPV4 or NFPROTO_IPV6), this change makes this > explicit. > > Another solution would be to increase hooks_arp[] size, but that > increases struct net size needlesly. > > Reported-by: David Ahern <dsahern@...il.com> > Signed-off-by: Florian Westphal <fw@...len.de> > --- > David, i hope this will silence the warning, would be nice > if you could test it. I still the warning. > > I don't really like this patch, but I see no better solution > expect needless increase of hooks_arp[]. > > Any other idea? > I don't have any time in the next week to look into it. Sounds like you are not able to reproduce the output. It just debian stretch and gcc version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1).
Powered by blists - more mailing lists