From patchwork Mon Jul 31 10:09:03 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 108988 Delivered-To: patch@linaro.org Received: by 10.140.101.6 with SMTP id t6csp42167qge; Mon, 31 Jul 2017 03:09:56 -0700 (PDT) X-Received: by 10.84.209.165 with SMTP id y34mr16350805plh.396.1501495796300; Mon, 31 Jul 2017 03:09:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1501495796; cv=none; d=google.com; s=arc-20160816; b=CQ9l8fWqljUQoCpXO+i1we8+RoLfOIraIvPL1K6egkcuy2Vcq8+wDm9RWKnyuq6ssk WyNnNHhJOa6nAvK5BDBKi/nALQ3SIvxSjpnRHGuL7XPuK+Pn//QS4M9inH/lvWwK7AO9 LhzM8/pj9R1N+hGFjo68S0rkbxRHtYSfYl2VpLw7HE9hKgN/LoW5ZwN/dqQY8sXtdviq A+ZgnN3iouG0dLQqNzedIVgqVNtQccIyoMsGOQuHjRZoz3Ew/Hd1K/kIXiZwi+7BHiy+ H6darT/UrW5zLbAu2gdjKu9lQvAN0nHGlrvLGKsq1uuLoKqOPA5drZwYA8A1mUUe0YiK SeSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :arc-authentication-results; bh=gIRrkd7Ig+QxzOwVnVVgj2Rs9pZklJh9XUPOYFiQfOQ=; b=cwgx68v4kFNFsB1n7F0ms9SWPVw/sngxTISHHUlHyM8daW5paSxcaaCuXzgWV9GSAU q5BdI8q/MeEK6FKYQ95M7Twq1j37rf0YzmO7CE0FHXV1B0Dww0PW/dlKs+9lobX0kOhF AfkFVioHk0MSqnsVt7niHNuc1N4Xm4erO6hhDUNqla6Npaoi5KKGdjd2mmtSZqTA5FnO GW+CW6XWy6WC5l1affLLBgX+FMi3QP3IO1DdzXdrV988u5Uw5ZefCjuFuy22bE/tn9Tw W5BvGNYFHyjqxA6o2SZwd/u+1pW9x65Xi0d1d0e6rwRTXx0blpyIuTlUKFPoJlA9kWS0 207g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y2si8645065plh.5.2017.07.31.03.09.55; Mon, 31 Jul 2017 03:09:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752082AbdGaKJx (ORCPT + 26 others); Mon, 31 Jul 2017 06:09:53 -0400 Received: from mout.kundenserver.de ([217.72.192.75]:65109 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751271AbdGaKJv (ORCPT ); Mon, 31 Jul 2017 06:09:51 -0400 Received: from wuerfel.lan ([78.43.238.10]) by mrelayeu.kundenserver.de (mreue104 [212.227.15.145]) with ESMTPA (Nemesis) id 0MYNUn-1d7AUx1Mbh-00VAfH; Mon, 31 Jul 2017 12:09:18 +0200 From: Arnd Bergmann To: Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" Cc: Arnd Bergmann , Johannes Berg , Alexey Dobriyan , Aaron Conole , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] netfilter: fix stringop-overflow warning with UBSAN Date: Mon, 31 Jul 2017 12:09:03 +0200 Message-Id: <20170731100913.465530-1-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 X-Provags-ID: V03:K0:vX7DEeNq3S8QMSYQwq/TcomwFsYDr5ErxdkcC2qCCyM7cye/GGt dWjhJ59gZ4wrxpvXPMYE/5J/2w2AnnaWDvWA+i4Z47kwO0OJh3GT8Ky55KQDLpRHz4tzRsJ lbqLOHZeQeHNZrDFPZrtoByX70/MwVvjugRrDkGSwRr5KaKi3XA41yRvhP8inkVxpfc1Axl cAAq/xDCTXA5bO+OM+QPg== X-UI-Out-Filterresults: notjunk:1; V01:K0:S5xzQ2+qaUY=:sUs7VrIdP+R0089PH2ADZF QF+0tdH9wZLULp22XBuDa85rZKS0onCx1+SRhIbM5MZUAqryBSsv1Fo+mBfRKEj41/xzuzZ8h ycnZa80nV1EoWHB7cOSG5DK619NBkitLD1rWgXJuT9MexecnhQF4bBp/0Qp9d9TA+yGHGH2IN GuKfAVmCDG+ev2c9TOqCGXaa3E2BpMFq6daEiwDRO6yg/t4h0rpazydx6JOtMkjYJR8S+vGRx 0p4S5t3xzLGJhojOWEEdrb1GnLNZP9L/bKPbmhmVkunehZuHjyPsjChqsuZI/6QE4YgRDlD/I uoxhRK4+NkcyF9xdkJRsAVMN9XkvCEbx7tCwY+UkTwAmaoDkBN8l1P9qUjLstxx4wOqGQUQTD CI683jpzk15q4JXxNkxG5h03OlFP50P/+9XXolKgOJy1O8Y+8fyToFp1ls3QGlkYXrYBahEiv Sijsn4fOPgWK/0Qw4jSfYP1ttijeZecb1ECi1URA/pXf8Z+QJw6ZisKGw5jZJQV2wRlUX2Jg5 woKm5v5qexZDaDa00wO3TXjpAkZYUjhVGnB8nqX3hUepaO+BDUNiZ295+jVZQodast5BOk5m6 YIaVqlbLR3YuX8/GEy9V+UasYaKUUGthhB59pjJ7XtHqinA4zdrKo1uMdr4bdXpVwoc1fyO+I fvnL8uL/vNAp3z4ZZteeF31c+YdVBmmSPbUmmssxqDF25eK/+XURIAE6gEcVlfCeB5XfpVGGg FmK3IDKkycpSeKiL9d377a2sYfA3BP85IgHtNA== Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Using gcc-7 with UBSAN enabled, we get this false-positive warning: net/netfilter/ipset/ip_set_core.c: In function 'ip_set_sockfn_get': net/netfilter/ipset/ip_set_core.c:1998:3: error: 'strncpy' writing 32 bytes into a region of size 2 overflows the destination [-Werror=stringop-overflow=] strncpy(req_get->set.name, set ? set->name : "", ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sizeof(req_get->set.name)); ~~~~~~~~~~~~~~~~~~~~~~~~~~ This seems completely bogus, and I could not find a nice workaround. To work around it in a less elegant way, I change the ?: operator into an if()/else() construct. Signed-off-by: Arnd Bergmann --- net/netfilter/ipset/ip_set_core.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) -- 2.9.0 diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index e495b5e484b1..d7ebb021003b 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1995,8 +1995,12 @@ ip_set_sockfn_get(struct sock *sk, int optval, void __user *user, int *len) } nfnl_lock(NFNL_SUBSYS_IPSET); set = ip_set(inst, req_get->set.index); - strncpy(req_get->set.name, set ? set->name : "", - IPSET_MAXNAMELEN); + if (set) + strncpy(req_get->set.name, set->name, + sizeof(req_get->set.name)); + else + memset(req_get->set.name, '\0', + sizeof(req_get->set.name)); nfnl_unlock(NFNL_SUBSYS_IPSET); goto copy; }