From: Simon Horman <simon.horman@corigine.com>
To: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: Johannes Berg <johannes@sipsolutions.net>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH][next] wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point()
Date: Fri, 16 Jun 2023 10:42:42 +0200 [thread overview]
Message-ID: <ZIwgghjAuMQtc5ll@corigine.com> (raw)
In-Reply-To: <ZItSlzvIpjdjNfd8@work>
On Thu, Jun 15, 2023 at 12:04:07PM -0600, Gustavo A. R. Silva wrote:
> -Wstringop-overflow is legitimately warning us about extra_size
> pontentially being zero at some point, hence potenially ending
nit: checkpatch --codespell suggests: potenially -> potentially
> up _allocating_ zero bytes of memory for extra pointer and then
> trying to access such object in a call to copy_from_user().
>
> Fix this by adding a sanity check to ensure we never end up
> trying to allocate zero bytes of data for extra pointer, before
> continue executing the rest of the code in the function.
>
> Address the following -Wstringop-overflow warning seen when built
> m68k architecture with allyesconfig configuration:
> from net/wireless/wext-core.c:11:
> In function '_copy_from_user',
> inlined from 'copy_from_user' at include/linux/uaccess.h:183:7,
> inlined from 'ioctl_standard_iw_point' at net/wireless/wext-core.c:825:7:
> arch/m68k/include/asm/string.h:48:25: warning: '__builtin_memset' writing 1 or more bytes into a region of size 0 overflows the destination [-Wstringop-overflow=]
> 48 | #define memset(d, c, n) __builtin_memset(d, c, n)
> | ^~~~~~~~~~~~~~~~~~~~~~~~~
> include/linux/uaccess.h:153:17: note: in expansion of macro 'memset'
> 153 | memset(to + (n - res), 0, res);
> | ^~~~~~
> In function 'kmalloc',
> inlined from 'kzalloc' at include/linux/slab.h:694:9,
> inlined from 'ioctl_standard_iw_point' at net/wireless/wext-core.c:819:10:
> include/linux/slab.h:577:16: note: at offset 1 into destination object of size 0 allocated by '__kmalloc'
> 577 | return __kmalloc(size, flags);
> | ^~~~~~~~~~~~~~~~~~~~~~
>
> This help with the ongoing efforts to globally enable
> -Wstringop-overflow.
>
> Link: https://github.com/KSPP/linux/issues/315
> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
prev parent reply other threads:[~2023-06-16 8:42 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-15 18:04 [PATCH][next] wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() Gustavo A. R. Silva
2023-06-16 8:42 ` Simon Horman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZIwgghjAuMQtc5ll@corigine.com \
--to=simon.horman@corigine.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gustavoars@kernel.org \
--cc=johannes@sipsolutions.net \
--cc=kuba@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).