| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202307251104.74C96AF830@keescook>
Date: Tue, 25 Jul 2023 11:05:21 -0700
From: Kees Cook <keescook@...omium.org>
To: Kuniyuki Iwashima <kuniyu@...zon.com>
Cc: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
Willem de Bruijn <willemdebruijn.kernel@...il.com>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Breno Leitao <leitao@...ian.org>,
Kuniyuki Iwashima <kuni1840@...il.com>, netdev@...r.kernel.org
Subject: Re: [PATCH v3 net 0/2] net: Fix error/warning by
-fstrict-flex-arrays=3.
On Mon, Jul 24, 2023 at 02:34:23PM -0700, Kuniyuki Iwashima wrote:
> df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3") started applying
> strict rules for standard string functions (strlen(), memcpy(), etc.) if
> CONFIG_FORTIFY_SOURCE=y.
>
> This series fixes two false positives caught by syzkaller.
>
>
> Changes:
> v3:
> * Drop Reviewed-by
> * Patch 1: Use strnlen()
> * Patch 2: Add a new flex array member
>
> v2: https://lore.kernel.org/netdev/20230720004410.87588-1-kuniyu@amazon.com/
> * Patch 2: Fix offset calc.
>
> v1: https://lore.kernel.org/netdev/20230719185322.44255-1-kuniyu@amazon.com/
>
>
> Kuniyuki Iwashima (2):
> af_unix: Fix fortify_panic() in unix_bind_bsd().
> af_packet: Fix warning of fortified memcpy() in packet_getname().
>
> include/uapi/linux/if_packet.h | 6 +++++-
> net/packet/af_packet.c | 2 +-
> net/unix/af_unix.c | 6 ++----
> 3 files changed, 8 insertions(+), 6 deletions(-)
>
> --
> 2.30.2
>
Thanks for updating and testing!
Reviewed-by: Kees Cook <keescook@...omium.org>
--
Kees Cook
Powered by blists - more mailing lists