mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/security
History
Arnd Bergmann c7de5dfbb8 security: commoncap: fix -Wstringop-overread warning 
commit 82e5d8cc76 upstream.

gcc-11 introdces a harmless warning for cap_inode_getsecurity:

security/commoncap.c: In function ‘cap_inode_getsecurity’:
security/commoncap.c:440:33: error: ‘memcpy’ reading 16 bytes from a region of size 0 [-Werror=stringop-overread]
  440 |                                 memcpy(&nscap->data, &cap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The problem here is that tmpbuf is initialized to NULL, so gcc assumes
it is not accessible unless it gets set by vfs_getxattr_alloc().  This is
a legitimate warning as far as I can tell, but the code is correct since
it correctly handles the error when that function fails.

Add a separate NULL check to tell gcc about it as well.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: James Morris <jamorris@linux.microsoft.com>
Cc: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2021-05-22 10:57:21 +02:00
..
apparmor apparmor: don't try to replace stale label in ptraceme check 2020-06-30 15:37:57 -04:00
integrity certs: Fix blacklist flag type confusion 2021-03-03 18:22:46 +01:00
keys KEYS: trusted: Fix migratable=1 failing 2021-03-03 18:22:52 +01:00
loadpin security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
selinux selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling 2020-12-29 13:46:52 +01:00
smack smackfs: restrict bytes count in smackfs write functions 2021-03-07 11:27:43 +01:00
tomoyo License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
yama Yama: Check for pid death before checking ancestry 2019-01-23 08:09:48 +01:00
Kconfig /dev/mem: Add bounce buffer for copy-out 2018-03-24 11:01:24 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
commoncap.c security: commoncap: fix -Wstringop-overread warning 2021-05-22 10:57:21 +02:00
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-04-27 09:35:40 +02:00
inode.c securityfs: fix use-after-free on symlink traversal 2019-05-25 18:25:34 +02:00
lsm_audit.c dump_common_audit_data(): fix racy accesses to ->d_name 2021-01-23 15:48:43 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c LSM: Check for NULL cred-security on free 2019-01-23 08:09:50 +01:00