* drivers/of/pdt.c:58:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides bound...
@ 2022-04-05 1:35 kernel test robot
0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2022-04-05 1:35 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 20981 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
CC: Masahiro Yamada <masahiroy@kernel.org>
CC: Alex Shi <alexs@kernel.org>
CC: Nick Desaulniers <ndesaulniers@google.com>
CC: Miguel Ojeda <ojeda@kernel.org>
CC: Nathan Chancellor <nathan@kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 3123109284176b1532874591f7c81f3837bbdc17
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 3 weeks ago
:::::: branch date: 28 hours ago
:::::: commit date: 3 weeks ago
config: i386-randconfig-c001-20220404 (https://download.01.org/0day-ci/archive/20220405/202204050946.WbtDwMqm-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project c4a1b07d0979e7ff20d7d541af666d822d66b566)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8c07082a810fbb9db303a2b66b66b8d7e588b53
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~~~
sound/soc/soc-core.c:3140:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(prop, sizeof(prop), "%sbitclock-inversion", prefix);
^~~~~~~~
sound/soc/soc-core.c:3143:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(prop, sizeof(prop), "%sframe-inversion", prefix);
^~~~~~~~
sound/soc/soc-core.c:3143:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(prop, sizeof(prop), "%sframe-inversion", prefix);
^~~~~~~~
sound/soc/soc-core.c:3180:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(prop, sizeof(prop), "%sbitclock-master", prefix);
^~~~~~~~
sound/soc/soc-core.c:3180:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(prop, sizeof(prop), "%sbitclock-master", prefix);
^~~~~~~~
sound/soc/soc-core.c:3185:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(prop, sizeof(prop), "%sframe-master", prefix);
^~~~~~~~
sound/soc/soc-core.c:3185:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(prop, sizeof(prop), "%sframe-master", prefix);
^~~~~~~~
Suppressed 63 warnings (63 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
55 warnings generated.
drivers/usb/core/message.c:286:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(driver_data, data, size);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:286:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(driver_data, data, size);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:789:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(buf, 0, size); /* Make sure we parse really received data */
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:789:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(buf, 0, size); /* Make sure we parse really received data */
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:1034:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(smallbuf, buf, len);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:1034:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(smallbuf, buf, len);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:1073:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&dev->descriptor, desc, size);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:1073:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&dev->descriptor, desc, size);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:1709:2: warning: Value stored to 'retval' is never read [clang-analyzer-deadcode.DeadStores]
retval = 0;
^ ~
drivers/usb/core/message.c:1709:2: note: Value stored to 'retval' is never read
retval = 0;
^ ~
drivers/usb/core/message.c:2301:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(hdr, 0x00, sizeof(struct usb_cdc_parsed_header));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/usb/core/message.c:2301:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(hdr, 0x00, sizeof(struct usb_cdc_parsed_header));
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
Suppressed 49 warnings (49 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
drivers/of/pdt.c:52:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(buf, name);
^~~~~~
drivers/of/pdt.c:52:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(buf, name);
^~~~~~
>> drivers/of/pdt.c:58:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(buf, "%s(a)unknown%i", name, failsafe_id++);
^~~~~~~
drivers/of/pdt.c:58:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(buf, "%s(a)unknown%i", name, failsafe_id++);
^~~~~~~
drivers/of/pdt.c:76:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(p, 0, sizeof(*p) + 32);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/of/pdt.c:76:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(p, 0, sizeof(*p) + 32);
^
arch/x86/include/asm/string_32.h:195:29: note: expanded from macro 'memset'
#define memset(s, c, count) __builtin_memset(s, c, count)
^~~~~~~~~~~~~~~~
drivers/of/pdt.c:85:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(p->name, special_name);
^~~~~~
drivers/of/pdt.c:85:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(p->name, special_name);
^~~~~~
drivers/of/pdt.c:88:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(p->value, special_val, special_len);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/of/pdt.c:88:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(p->value, special_val, special_len);
^
arch/x86/include/asm/string_32.h:150:25: note: expanded from macro 'memcpy'
#define memcpy(t, f, n) __builtin_memcpy(t, f, n)
^~~~~~~~~~~~~~~~
drivers/of/pdt.c:138:3: warning: Value stored to 'len' is never read [clang-analyzer-deadcode.DeadStores]
len = of_pdt_prom_ops->getproperty(node, name, buf, len);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/of/pdt.c:138:3: note: Value stored to 'len' is never read
len = of_pdt_prom_ops->getproperty(node, name, buf, len);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 25 warnings (25 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
23 warnings generated.
drivers/base/bus.c:873:18: warning: Access to field 'drivers_kset' results in a dereference of a null pointer (loaded from field 'p') [clang-analyzer-core.NullDereference]
kset_unregister(bus->p->drivers_kset);
^
drivers/base/bus.c:1139:9: note: Calling 'subsys_register'
return subsys_register(subsys, groups, &system_kset->kobj);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/base/bus.c:1083:8: note: Calling 'bus_register'
err = bus_register(subsys);
^~~~~~~~~~~~~~~~~~~~
drivers/base/bus.c:788:6: note: Assuming 'priv' is non-null
if (!priv)
^~~~~
drivers/base/bus.c:788:2: note: Taking false branch
if (!priv)
^
drivers/base/bus.c:794:2: note: Loop condition is false. Exiting loop
BLOCKING_INIT_NOTIFIER_HEAD(&priv->bus_notifier);
^
include/linux/notifier.h:85:3: note: expanded from macro 'BLOCKING_INIT_NOTIFIER_HEAD'
init_rwsem(&(name)->rwsem); \
^
include/linux/rwsem.h:106:30: note: expanded from macro 'init_rwsem'
#define init_rwsem(sem) \
^
drivers/base/bus.c:794:2: note: Loop condition is false. Exiting loop
BLOCKING_INIT_NOTIFIER_HEAD(&priv->bus_notifier);
^
include/linux/notifier.h:84:43: note: expanded from macro 'BLOCKING_INIT_NOTIFIER_HEAD'
#define BLOCKING_INIT_NOTIFIER_HEAD(name) do { \
^
drivers/base/bus.c:797:6: note: Assuming 'retval' is not equal to 0
if (retval)
^~~~~~
drivers/base/bus.c:797:2: note: Taking true branch
if (retval)
^
drivers/base/bus.c:798:3: note: Control jumps to line 853
goto out;
^
drivers/base/bus.c:854:2: note: Null pointer value stored to field 'p'
bus->p = NULL;
^~~~~~~~~~~~~
drivers/base/bus.c:1083:8: note: Returning from 'bus_register'
err = bus_register(subsys);
^~~~~~~~~~~~~~~~~~~~
drivers/base/bus.c:1084:6: note: Assuming 'err' is >= 0
if (err < 0)
^~~~~~~
drivers/base/bus.c:1084:2: note: Taking false branch
if (err < 0)
^
drivers/base/bus.c:1088:6: note: Assuming 'dev' is null
if (!dev) {
^~~~
drivers/base/bus.c:1088:2: note: Taking true branch
if (!dev) {
vim +58 drivers/of/pdt.c
3cfc535c5df812 Andres Salomon 2010-10-10 40
a74ea43df1afc6 Andres Salomon 2011-02-23 41 static char * __init of_pdt_build_full_name(struct device_node *dp)
3cfc535c5df812 Andres Salomon 2010-10-10 42 {
a74ea43df1afc6 Andres Salomon 2011-02-23 43 static int failsafe_id = 0; /* for generating unique names on failure */
0c5eaa7749726b Rob Herring 2018-11-16 44 const char *name;
0c5eaa7749726b Rob Herring 2018-11-16 45 char path[256];
a74ea43df1afc6 Andres Salomon 2011-02-23 46 char *buf;
a74ea43df1afc6 Andres Salomon 2011-02-23 47 int len;
a74ea43df1afc6 Andres Salomon 2011-02-23 48
0c5eaa7749726b Rob Herring 2018-11-16 49 if (!of_pdt_prom_ops->pkg2path(dp->phandle, path, sizeof(path), &len)) {
0c5eaa7749726b Rob Herring 2018-11-16 50 name = kbasename(path);
0c5eaa7749726b Rob Herring 2018-11-16 51 buf = prom_early_alloc(strlen(name) + 1);
0c5eaa7749726b Rob Herring 2018-11-16 52 strcpy(buf, name);
a74ea43df1afc6 Andres Salomon 2011-02-23 53 return buf;
0c5eaa7749726b Rob Herring 2018-11-16 54 }
a74ea43df1afc6 Andres Salomon 2011-02-23 55
0c5eaa7749726b Rob Herring 2018-11-16 56 name = of_get_property(dp, "name", &len);
0c5eaa7749726b Rob Herring 2018-11-16 57 buf = prom_early_alloc(len + 16);
0c5eaa7749726b Rob Herring 2018-11-16 @58 sprintf(buf, "%s(a)unknown%i", name, failsafe_id++);
a74ea43df1afc6 Andres Salomon 2011-02-23 59 pr_err("%s: pkg2path failed; assigning %s\n", __func__, buf);
a74ea43df1afc6 Andres Salomon 2011-02-23 60 return buf;
3cfc535c5df812 Andres Salomon 2010-10-10 61 }
3cfc535c5df812 Andres Salomon 2010-10-10 62
:::::: The code at line 58 was first introduced by commit
:::::: 0c5eaa7749726b2e4667a5e3668c3eb8516e7440 of: Drop full path from full_name for PDT systems
:::::: TO: Rob Herring <robh@kernel.org>
:::::: CC: David S. Miller <davem@davemloft.net>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-04-05 1:35 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-05 1:35 drivers/of/pdt.c:58:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides bound kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.