Date: Thu, 30 Nov 2023 10:26:56 +0100
From: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>
To: Dmitry Antipov <dmantipov@...dex.ru>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH] nfc: pn533: fix fortify warning

On 29/11/2023 18:03, Dmitry Antipov wrote:
> When compiling with gcc version 14.0.0 20231129 (experimental) and
> CONFIG_FORTIFY_SOURCE=y, I've noticed the following:
> 
> In file included from ./include/linux/string.h:295,
>                  from ./include/linux/bitmap.h:12,
>                  from ./include/linux/cpumask.h:12,
>                  from ./arch/x86/include/asm/paravirt.h:17,
>                  from ./arch/x86/include/asm/irqflags.h:60,
>                  from ./include/linux/irqflags.h:17,
>                  from ./include/linux/rcupdate.h:26,
>                  from ./include/linux/rculist.h:11,
>                  from ./include/linux/pid.h:5,
>                  from ./include/linux/sched.h:14,
>                  from ./include/linux/ratelimit.h:6,
>                  from ./include/linux/dev_printk.h:16,
>                  from ./include/linux/device.h:15,

Not that relevant...

>                  from drivers/nfc/pn533/pn533.c:9:
> In function 'fortify_memcpy_chk',
>     inlined from 'pn533_target_found_felica' at drivers/nfc/pn533/pn533.c:781:2:
> ./include/linux/fortify-string.h:588:25: warning: call to '__read_overflow2_field'
> declared with attribute warning: detected read beyond size of field (2nd parameter);

This is unreadable. Please trim the logs to relevant parts preserving
formatting.

> maybe use struct_group()? [-Wattribute-warning]
>   588 |                         __read_overflow2_field(q_size_field, size);
> 
> Here the fortification logic interprets call to 'memcpy()' as an attempt
> to copy an amount of data which exceeds the size of the specified field
> (9 bytes from 1-byte 'opcode') and thus issues an overread warning -
> which is silenced by using the convenient 'struct_group()' quirk.


Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>

The subject PATCH should be with net-next, so it will be recognized by
net-dev patchwork.

Best regards,
Krzysztof
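The per-field bound described in the quoted commit message, as an added example that is not part of this thread or of the pn533 driver. The struct layouts, the `sens_res` group name and the `field_memcpy` helper are hypothetical, and the `struct_group()` shown is a simplified userspace stand-in for the kernel macro; the check uses `sizeof` in place of the compiler builtin the fortify code relies on.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for the kernel's struct_group(): the same members are
 * declared twice inside an anonymous union, once anonymously (existing field
 * names keep working) and once as a named sub-struct covering all of them. */
#define struct_group(NAME, ...) \
	union { struct { __VA_ARGS__ }; struct { __VA_ARGS__ } NAME; }

/* Hypothetical layouts, constructed for this example. */
struct resp_flat { unsigned char pol_res, opcode, id[8]; };

struct resp_grouped {
	unsigned char pol_res;
	struct_group(sens_res,
		unsigned char opcode;
		unsigned char id[8];
	);
};

/* Models the check on memcpy()'s 2nd parameter: refuse to read more bytes
 * than the field named by the source pointer holds. Returns -1 when the
 * copy would be flagged, 0 when it is performed. */
#define field_memcpy(dst, src_field, n) \
	((size_t)(n) > sizeof(*(src_field)) ? -1 : (memcpy((dst), (src_field), (n)), 0))

/* Before: 9 bytes requested from the 1-byte 'opcode' field. */
int copy_flat(unsigned char *out, const struct resp_flat *r)
{
	return field_memcpy(out, &r->opcode, 9);
}

/* After: the same 9 bytes, but the source names the whole group. */
int copy_grouped(unsigned char *out, const struct resp_grouped *r)
{
	return field_memcpy(out, &r->sens_res, 9);
}

int main(void)
{
	struct resp_flat f = { 0 };
	struct resp_grouped g = { 0 };
	unsigned char out[9];

	printf("flat: %d, grouped: %d\n", copy_flat(out, &f), copy_grouped(out, &g));
	return 0;
}
```

The grouped struct has the same size and field offsets as the flat one; only the type of the source expression, and so the bound derived from it, changes.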

