On 1/9/24 03:07, Dan Carpenter wrote:
On Mon, Jan 08, 2024 at 08:05:38PM -0600, Gustavo A. R. Silva wrote:
Gustavo quoted:
"Under FORTIFY_SOURCE we should not copy data across multiple members
in a structure."
Reported-by: syzkaller <[email protected]>
Suggested-by: Vegard Nossum <[email protected]>
Suggested-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Harshit Mogalapalli <[email protected]>
Thanks for getting this fixed!
Yeah, it's a "false positive" in the sense that the code was expecting
It's a false positive _bug_, and a legitimate _warning_ coming from fortified
memcpy().
It really feels like you're trying to sell the cost of this as a good
thing... We've already merged fortify so why are you still fighting
No, I'm just describing (here[1] and below), clear and concise, what fortify
is doing in this particular case, in response to your first intervention
in this thread[3].
"The warning is triggered because of a write beyond the boundaries of
`dg_info->msg`."[2]
You're arguing that fortify caused a problem. I'm describing the reason
why the feature triggered the warning. That's it, I guess.
Thanks
--
Gustavo
[1]
https://lore.kernel.org/linux-hardening/[email protected]/
[2]
https://lore.kernel.org/linux-hardening/[email protected]/
[3]
https://lore.kernel.org/linux-hardening/[email protected]/
