lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230509212125.15880-8-stephen@networkplumber.org>
Date: Tue,  9 May 2023 14:21:21 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Cc: Stephen Hemminger <stephen@...workplumber.org>
Subject: [PATCH iproute2 07/11] m_action: fix warning of overwrite of const string

The function get_action_kind() searches first for the given
action, then rescans on failure for "gact". In the process,
it would overwrite the argument.  Avoid the warning
by using a const argument and not copying.

The problem dates back to pre-git history.

m_action.c: In function ‘get_action_kind’:
m_action.c:126:17: warning: write to string literal [-Wanalyzer-write-to-string-literal]
  126 |                 strcpy(str, "gact");
      |                 ^~~~~~~~~~~~~~~~~~~
  ‘do_action’: events 1-6
    |
    |  853 | int do_action(int argc, char **argv)
    |      |     ^~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_action’
    |......
    |  858 |         while (argc > 0) {
    |      |                ~~~~~~~~
    |      |                     |
    |      |                     (2) following ‘true’ branch...
    |  859 |
    |  860 |                 if (matches(*argv, "add") == 0) {
    |      |                    ~~~~~~~~~~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(3) ...to here
    |      |                    (4) following ‘false’ branch...
    |  861 |                         ret =  tc_action_modify(RTM_NEWACTION,
    |      |                                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                                |
    |      |                                (5) ...to here
    |      |                                (6) calling ‘tc_action_modify’ from ‘do_action’
    |  862 |                                                 NLM_F_EXCL | NLM_F_CREATE,
    |      |                                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~
    |  863 |                                                 &argc, &argv);
    |      |                                                 ~~~~~~~~~~~~~
    |
    +--> ‘tc_action_modify’: events 7-8
           |
           |  715 | static int tc_action_modify(int cmd, unsigned int flags,
           |      |            ^~~~~~~~~~~~~~~~
           |      |            |
           |      |            (7) entry to ‘tc_action_modify’
           |......
           |  735 |         if (parse_action(&argc, &argv, TCA_ACT_TAB, &req.n)) {
           |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |             |
           |      |             (8) calling ‘parse_action’ from ‘tc_action_modify’
           |
           +--> ‘parse_action’: events 9-18
                  |
                  |  203 | int parse_action(int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n)
                  |      |     ^~~~~~~~~~~~
                  |      |     |
                  |      |     (9) entry to ‘parse_action’
                  |......
                  |  217 |         if (argc <= 0)
                  |      |            ~
                  |      |            |
                  |      |            (10) following ‘false’ branch...
                  |......
                  |  220 |         tail2 = addattr_nest(n, MAX_MSG, tca_id);
                  |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (11) ...to here
                  |  221 |
                  |  222 |         while (argc > 0) {
                  |      |                ~~~~~~~~
                  |      |                     |
                  |      |                     (12) following ‘true’ branch...
                  |  223 |
                  |  224 |                 memset(k, 0, sizeof(k));
                  |      |                 ~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (13) ...to here
                  |  225 |
                  |  226 |                 if (strcmp(*argv, "action") == 0) {
                  |      |                    ~
                  |      |                    |
                  |      |                    (14) following ‘true’ branch (when the strings are equal)...
                  |  227 |                         argc--;
                  |      |                         ~~~~~~
                  |      |                             |
                  |      |                             (15) ...to here
                  |......
                  |  231 |                         if (!gact_ld)
                  |      |                            ~
                  |      |                            |
                  |      |                            (16) following ‘true’ branch...
                  |  232 |                                 get_action_kind("gact");
                  |      |                                 ~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                                 |
                  |      |                                 (17) ...to here
                  |      |                                 (18) calling ‘get_action_kind’ from ‘parse_action’
                  |
                  +--> ‘get_action_kind’: events 19-24
                         |
                         |   86 | static struct action_util *get_action_kind(char *str)
                         |      |                            ^~~~~~~~~~~~~~~
                         |      |                            |
                         |      |                            (19) entry to ‘get_action_kind’
                         |......
                         |  114 |         if (a == NULL)
                         |      |            ~
                         |      |            |
                         |      |            (20) following ‘true’ branch (when ‘a’ is NULL)...
                         |  115 |                 goto noexist;
                         |      |                 ~~~~
                         |      |                 |
                         |      |                 (21) ...to here
                         |......
                         |  124 |         if (!looked4gact) {
                         |      |            ~
                         |      |            |
                         |      |            (22) following ‘true’ branch (when ‘looked4gact == 0’)...
                         |  125 |                 looked4gact = 1;
                         |  126 |                 strcpy(str, "gact");
                         |      |                 ~~~~~~~~~~~~~~~~~~~
                         |      |                 |
                         |      |                 (23) ...to here
                         |      |                 (24) write to string literal here
                         |

Signed-off-by: Stephen Hemminger <stephen@...workplumber.org>
---
 tc/m_action.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tc/m_action.c b/tc/m_action.c
index a446cabdb98c..16474c56118c 100644
--- a/tc/m_action.c
+++ b/tc/m_action.c
@@ -83,7 +83,7 @@ static int parse_noaopt(struct action_util *au, int *argc_p,
 	return -1;
 }
 
-static struct action_util *get_action_kind(char *str)
+static struct action_util *get_action_kind(const char *str)
 {
 	static void *aBODY;
 	void *dlh;
@@ -123,7 +123,7 @@ noexist:
 #ifdef CONFIG_GACT
 	if (!looked4gact) {
 		looked4gact = 1;
-		strcpy(str, "gact");
+		str = "gact";
 		goto restart_s;
 	}
 #endif
-- 
2.39.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ