[PATCH] fortify: Fix incorrect reporting of read buffer size

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] fortify: Fix incorrect reporting of read buffer size
@ 2025-07-29 23:18 Kees Cook
  2025-07-29 23:46 ` Gustavo A. R. Silva
  0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2025-07-29 23:18 UTC (permalink / raw)
  To: linux-hardening; +Cc: Kees Cook, linux-kernel

When FORTIFY_SOURCE reports about a run-time buffer overread, the wrong
buffer size was being shown in the error message. (The bounds checking
was correct.)

Fixes: 3d965b33e40d ("fortify: Improve buffer overflow reporting")
Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: <linux-hardening@vger.kernel.org>
---
 include/linux/fortify-string.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
index e4ce1cae03bf..b3b53f8c1b28 100644
--- a/include/linux/fortify-string.h
+++ b/include/linux/fortify-string.h
@@ -596,7 +596,7 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size,
 	if (p_size != SIZE_MAX && p_size < size)
 		fortify_panic(func, FORTIFY_WRITE, p_size, size, true);
 	else if (q_size != SIZE_MAX && q_size < size)
-		fortify_panic(func, FORTIFY_READ, p_size, size, true);
+		fortify_panic(func, FORTIFY_READ, q_size, size, true);
 
 	/*
 	 * Warn when writing beyond destination field size.
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] fortify: Fix incorrect reporting of read buffer size
  2025-07-29 23:18 [PATCH] fortify: Fix incorrect reporting of read buffer size Kees Cook
@ 2025-07-29 23:46 ` Gustavo A. R. Silva
  0 siblings, 0 replies; 2+ messages in thread
From: Gustavo A. R. Silva @ 2025-07-29 23:46 UTC (permalink / raw)
  To: Kees Cook, linux-hardening; +Cc: linux-kernel



On 29/07/25 17:18, Kees Cook wrote:
> When FORTIFY_SOURCE reports about a run-time buffer overread, the wrong
> buffer size was being shown in the error message. (The bounds checking
> was correct.)
> 
> Fixes: 3d965b33e40d ("fortify: Improve buffer overflow reporting")
> Signed-off-by: Kees Cook <kees@kernel.org>

Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>

Thanks!
-Gustavo

> ---
> Cc: <linux-hardening@vger.kernel.org>
> ---
>   include/linux/fortify-string.h | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
> index e4ce1cae03bf..b3b53f8c1b28 100644
> --- a/include/linux/fortify-string.h
> +++ b/include/linux/fortify-string.h
> @@ -596,7 +596,7 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size,
>   	if (p_size != SIZE_MAX && p_size < size)
>   		fortify_panic(func, FORTIFY_WRITE, p_size, size, true);
>   	else if (q_size != SIZE_MAX && q_size < size)
> -		fortify_panic(func, FORTIFY_READ, p_size, size, true);
> +		fortify_panic(func, FORTIFY_READ, q_size, size, true);
>   
>   	/*
>   	 * Warn when writing beyond destination field size.


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2025-07-29 23:46 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-29 23:18 [PATCH] fortify: Fix incorrect reporting of read buffer size Kees Cook
2025-07-29 23:46 ` Gustavo A. R. Silva

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.