lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <cae42faf-8900-8669-63bc-31e28a323099@iogearbox.net>
Date:   Wed, 6 Feb 2019 15:52:54 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Breno Leitao <leitao@...ian.org>, netdev@...r.kernel.org
Cc:     ast@...nel.org, davem@...emloft.net
Subject: Re: [PATCH v2] bpf: test_maps: Avoid possible out of bound access

On 02/05/2019 06:12 PM, Breno Leitao wrote:
> When compiling test_maps selftest with GCC-8, it warns that an array might
> be indexed with a negative value, which could cause a negative out of bound
> access, depending on parameters of the function. This is the GCC-8 warning:
> 
> 	gcc -Wall -O2 -I../../../include/uapi -I../../../lib -I../../../lib/bpf -I../../../../include/generated -DHAVE_GENHDR -I../../../include    test_maps.c /home/breno/Devel/linux/tools/testing/selftests/bpf/libbpf.a -lcap -lelf -lrt -lpthread -o /home/breno/Devel/linux/tools/testing/selftests/bpf/test_maps
> 	In file included from test_maps.c:16:
> 	test_maps.c: In function ‘run_all_tests’:
> 	test_maps.c:1079:10: warning: array subscript -1 is below array bounds of ‘pid_t[<Ube20> + 1]’ [-Warray-bounds]
> 	   assert(waitpid(pid[i], &status, 0) == pid[i]);
> 		  ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> 	test_maps.c:1059:6: warning: array subscript -1 is below array bounds of ‘pid_t[<Ube20> + 1]’ [-Warray-bounds]
> 	   pid[i] = fork();
> 	   ~~~^~~
> 
> This patch simply guarantees that the task(s) variables are unsigned, thus,
> they could never be a negative number, hence avoiding an out of bound access
> warning.
> 
> Signed-off-by: Breno Leitao <leitao@...ian.org>

Given this is a false positive anyway and we only want to reduce gcc noise, I've
applied it to bpf-next, thanks Breno!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ