lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190204.091556.573000354135023057.davem@davemloft.net> Date: Mon, 04 Feb 2019 09:15:56 -0800 (PST) From: David Miller <davem@...emloft.net> To: leitao@...ian.org Cc: netdev@...r.kernel.org, daniel@...earbox.net, ast@...nel.org Subject: Re: [PATCH] bpf: test_maps: Avoid possible out of bound access From: Breno Leitao <leitao@...ian.org> Date: Mon, 4 Feb 2019 14:27:11 -0200 > When compiling test_maps selftest with GCC-8, it warns that an array might > be indexed with a negative value, which could cause a negative out of bound > access, depending on parameters of the function. This is the GCC-8 warning: > > gcc -Wall -O2 -I../../../include/uapi -I../../../lib -I../../../lib/bpf -I../../../../include/generated -DHAVE_GENHDR -I../../../include test_maps.c /home/breno/Devel/linux/tools/testing/selftests/bpf/libbpf.a -lcap -lelf -lrt -lpthread -o /home/breno/Devel/linux/tools/testing/selftests/bpf/test_maps > In file included from test_maps.c:16: > test_maps.c: In function ‘run_all_tests’: > test_maps.c:1079:10: warning: array subscript -1 is below array bounds of ‘pid_t[<Ube20> + 1]’ [-Warray-bounds] > assert(waitpid(pid[i], &status, 0) == pid[i]); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~ > test_maps.c:1059:6: warning: array subscript -1 is below array bounds of ‘pid_t[<Ube20> + 1]’ [-Warray-bounds] > pid[i] = fork(); > ~~~^~~ > > This patch simply guarantees that the tasks variable is unsigned, thus, it > could never be a negative number, hence avoiding an out of bound access > warning. > > Signed-off-by: Breno Leitao <leitao@...ian.org> As good a fix as any... Acked-by: David S. Miller <davem@...emloft.net>
Powered by blists - more mailing lists