* drivers/net/wireless/marvell/libertas/debugfs.c:834:10: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support l...
@ 2022-04-19 4:30 kernel test robot
0 siblings, 0 replies; 2+ messages in thread
From: kernel test robot @ 2022-04-19 4:30 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 33211 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
CC: Masahiro Yamada <masahiroy@kernel.org>
CC: Alex Shi <alexs@kernel.org>
CC: Nick Desaulniers <ndesaulniers@google.com>
CC: Miguel Ojeda <ojeda@kernel.org>
CC: Nathan Chancellor <nathan@kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: b2d229d4ddb17db541098b83524d901257e93845
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 5 weeks ago
:::::: branch date: 31 hours ago
:::::: commit date: 5 weeks ago
config: x86_64-randconfig-c007-20220418 (https://download.01.org/0day-ci/archive/20220419/202204191101.NJ4VDjiE-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project b27430f9f46b88bcd54d992debc8d72e131e1bd0)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8c07082a810fbb9db303a2b66b66b8d7e588b53
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
68 warnings generated.
Suppressed 68 warnings (68 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
drivers/hwmon/ltc2945.c:286:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = regmap_update_bits(regmap, LTC2945_CONTROL, CONTROL_TEST_MODE,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/hwmon/ltc2945.c:286:2: note: Value stored to 'ret' is never read
ret = regmap_update_bits(regmap, LTC2945_CONTROL, CONTROL_TEST_MODE,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 34 warnings (34 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
62 warnings generated.
Suppressed 62 warnings (62 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
77 warnings generated.
drivers/net/wireless/marvell/libertas/debugfs.c:44:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf+pos, len-pos, "state = %s\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:44:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf+pos, len-pos, "state = %s\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:46:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf+pos, len-pos, "region_code = %02x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:46:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf+pos, len-pos, "region_code = %02x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:69:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = sscanf(buf, "%d %d %d %d %d %d", &p1, &p2, &p3, &p4, &p5, &p6);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:69:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
ret = sscanf(buf, "%d %d %d %d %d %d", &p1, &p2, &p3, &p4, &p5, &p6);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:108:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf, len, "%d %d %d %d %d %d\n", sp.sp_error,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:108:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf, len, "%d %d %d %d %d %d\n", sp.sp_error,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:133:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = sscanf(buf, "%d", &host_sleep);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:133:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
ret = sscanf(buf, "%d", &host_sleep);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:173:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf, len, "%d\n", priv->is_host_sleep_activated);
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:173:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf, len, "%d\n", priv->is_host_sleep_activated);
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:254:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf, len, "%d %d %d\n", value, freq,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:254:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf, len, "%d %d %d\n", value, freq,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:286:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = sscanf(buf, "%d %d %d", &value, &freq, &new_mask);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:286:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
ret = sscanf(buf, "%d %d %d", &value, &freq, &new_mask);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:449:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos = snprintf(buf, len, "MAC[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:449:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos = snprintf(buf, len, "MAC[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:487:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:487:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:519:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos = snprintf(buf, len, "BBP[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:519:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos = snprintf(buf, len, "BBP[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:559:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:559:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:591:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos = snprintf(buf, len, "RF[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:591:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos = snprintf(buf, len, "RF[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:630:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:630:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
>> drivers/net/wireless/marvell/libertas/debugfs.c:834:10: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += sprintf(p + pos, "%s=%d\n", d[i].name, val);
^~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:834:10: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
pos += sprintf(p + pos, "%s=%d\n", d[i].name, val);
^~~~~~~
Suppressed 62 warnings (62 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
26 warnings generated.
drivers/char/ipmi/ipmi_si_hotmod.c:205:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&h, 0, sizeof(h));
^~~~~~
drivers/char/ipmi/ipmi_si_hotmod.c:205:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&h, 0, sizeof(h));
^~~~~~
Suppressed 25 warnings (25 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
27 warnings generated.
drivers/char/ipmi/ipmi_si_hardcode.c:67:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&p, 0, sizeof(p));
^~~~~~
drivers/char/ipmi/ipmi_si_hardcode.c:67:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&p, 0, sizeof(p));
^~~~~~
drivers/char/ipmi/ipmi_si_hardcode.c:99:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(si_type, 0, sizeof(si_type));
^~~~~~
drivers/char/ipmi/ipmi_si_hardcode.c:99:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(si_type, 0, sizeof(si_type));
^~~~~~
Suppressed 25 warnings (25 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
34 warnings generated.
Suppressed 34 warnings (34 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
16 warnings generated.
Suppressed 16 warnings (16 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
34 warnings generated.
Suppressed 34 warnings (34 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
60 warnings generated.
drivers/media/i2c/adv7604.c:1467:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(stdi, 0, sizeof(struct stdi_readback));
^~~~~~
drivers/media/i2c/adv7604.c:1467:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(stdi, 0, sizeof(struct stdi_readback));
^~~~~~
drivers/media/i2c/adv7604.c:1571:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(timings, 0, sizeof(struct v4l2_dv_timings));
^~~~~~
drivers/media/i2c/adv7604.c:1571:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(timings, 0, sizeof(struct v4l2_dv_timings));
^~~~~~
drivers/media/i2c/adv7604.c:1672:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(timings, 0, sizeof(struct v4l2_dv_timings));
^~~~~~
drivers/media/i2c/adv7604.c:1672:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(timings, 0, sizeof(struct v4l2_dv_timings));
^~~~~~
drivers/media/i2c/adv7604.c:1852:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(format, 0, sizeof(*format));
^~~~~~
drivers/media/i2c/adv7604.c:1852:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(format, 0, sizeof(*format));
^~~~~~
drivers/media/i2c/adv7604.c:2277:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(edid->reserved, 0, sizeof(edid->reserved));
^~~~~~
drivers/media/i2c/adv7604.c:2277:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(edid->reserved, 0, sizeof(edid->reserved));
^~~~~~
drivers/media/i2c/adv7604.c:2305:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(edid->edid, data + edid->start_block * 128, edid->blocks * 128);
^~~~~~
drivers/media/i2c/adv7604.c:2305:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(edid->edid, data + edid->start_block * 128, edid->blocks * 128);
^~~~~~
drivers/media/i2c/adv7604.c:2319:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(edid->reserved, 0, sizeof(edid->reserved));
^~~~~~
drivers/media/i2c/adv7604.c:2319:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(edid->reserved, 0, sizeof(edid->reserved));
^~~~~~
drivers/media/i2c/adv7604.c:2403:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(state->edid.edid, edid->edid, 128 * edid->blocks);
^~~~~~
drivers/media/i2c/adv7604.c:2403:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(state->edid.edid, edid->edid, 128 * edid->blocks);
^~~~~~
drivers/media/i2c/adv7604.c:3478:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(sd->name, sizeof(sd->name), "%s %d-%04x",
^~~~~~~~
drivers/media/i2c/adv7604.c:3478:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(sd->name, sizeof(sd->name), "%s %d-%04x",
^~~~~~~~
Suppressed 51 warnings (50 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
63 warnings generated.
net/sched/ematch.c:312:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tree, 0, sizeof(*tree));
vim +834 drivers/net/wireless/marvell/libertas/debugfs.c
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 795
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 796 /**
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 797 * lbs_debugfs_read - proc read function
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 798 *
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 799 * @file: file to read
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 800 * @userbuf: pointer to buffer
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 801 * @count: number of bytes to read
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 802 * @ppos: read data starting position
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 803 *
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 804 * returns: amount of data read or negative error code
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 805 */
1007832103d016 drivers/net/wireless/libertas/debugfs.c Holger Schurig 2007-11-15 806 static ssize_t lbs_debugfs_read(struct file *file, char __user *userbuf,
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 807 size_t count, loff_t *ppos)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 808 {
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 809 int val = 0;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 810 size_t pos = 0;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 811 ssize_t res;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 812 char *p;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 813 int i;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 814 struct debug_data *d;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 815 unsigned long addr = get_zeroed_page(GFP_KERNEL);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 816 char *buf = (char *)addr;
ad43f8bfb7b9a6 drivers/net/wireless/libertas/debugfs.c Kiran Divekar 2009-08-28 817 if (!buf)
ad43f8bfb7b9a6 drivers/net/wireless/libertas/debugfs.c Kiran Divekar 2009-08-28 818 return -ENOMEM;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 819
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 820 p = buf;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 821
57674308d00b5e drivers/net/wireless/libertas/debugfs.c Joe Perches 2010-07-12 822 d = file->private_data;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 823
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 824 for (i = 0; i < num_of_items; i++) {
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 825 if (d[i].size == 1)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 826 val = *((u8 *) d[i].addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 827 else if (d[i].size == 2)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 828 val = *((u16 *) d[i].addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 829 else if (d[i].size == 4)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 830 val = *((u32 *) d[i].addr);
4269e2ad83036e drivers/net/wireless/libertas/debugfs.c Dan Williams 2007-05-10 831 else if (d[i].size == 8)
4269e2ad83036e drivers/net/wireless/libertas/debugfs.c Dan Williams 2007-05-10 832 val = *((u64 *) d[i].addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 833
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 @834 pos += sprintf(p + pos, "%s=%d\n", d[i].name, val);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 835 }
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 836
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 837 res = simple_read_from_buffer(userbuf, count, ppos, p, pos);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 838
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 839 free_page(addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 840 return res;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 841 }
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 842
:::::: The code@line 834 was first introduced by commit
:::::: 876c9d3aeb989cf1961f2c228d309ba5dcfb1172 [PATCH] Marvell Libertas 8388 802.11b/g USB driver
:::::: TO: Marcelo Tosatti <marcelo@kvack.org>
:::::: CC: Jeff Garzik <jeff@garzik.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 2+ messages in thread
* drivers/net/wireless/marvell/libertas/debugfs.c:834:10: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support l...
@ 2022-04-18 9:01 kernel test robot
0 siblings, 0 replies; 2+ messages in thread
From: kernel test robot @ 2022-04-18 9:01 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 28850 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
CC: Masahiro Yamada <masahiroy@kernel.org>
CC: Alex Shi <alexs@kernel.org>
CC: Nick Desaulniers <ndesaulniers@google.com>
CC: Miguel Ojeda <ojeda@kernel.org>
CC: Nathan Chancellor <nathan@kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: b2d229d4ddb17db541098b83524d901257e93845
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 5 weeks ago
:::::: branch date: 12 hours ago
:::::: commit date: 5 weeks ago
config: x86_64-randconfig-c007-20220418 (https://download.01.org/0day-ci/archive/20220418/202204181653.iypCwbLQ-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project ef94609d6ebe981767788e6877b0b3b731d425af)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8c07082a810fbb9db303a2b66b66b8d7e588b53
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
27 warnings generated.
arch/x86/pci/acpi.c:355:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(bus->sysdata, &sd, sizeof(sd));
^~~~~~
arch/x86/pci/acpi.c:355:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(bus->sysdata, &sd, sizeof(sd));
^~~~~~
Suppressed 26 warnings (26 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
26 warnings generated.
Suppressed 26 warnings (26 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
62 warnings generated.
Suppressed 62 warnings (62 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
77 warnings generated.
drivers/net/wireless/marvell/libertas/debugfs.c:44:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf+pos, len-pos, "state = %s\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:44:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf+pos, len-pos, "state = %s\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:46:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf+pos, len-pos, "region_code = %02x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:46:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf+pos, len-pos, "region_code = %02x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:69:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = sscanf(buf, "%d %d %d %d %d %d", &p1, &p2, &p3, &p4, &p5, &p6);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:69:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
ret = sscanf(buf, "%d %d %d %d %d %d", &p1, &p2, &p3, &p4, &p5, &p6);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:108:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf, len, "%d %d %d %d %d %d\n", sp.sp_error,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:108:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf, len, "%d %d %d %d %d %d\n", sp.sp_error,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:133:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = sscanf(buf, "%d", &host_sleep);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:133:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
ret = sscanf(buf, "%d", &host_sleep);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:173:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf, len, "%d\n", priv->is_host_sleep_activated);
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:173:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf, len, "%d\n", priv->is_host_sleep_activated);
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:254:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += snprintf(buf, len, "%d %d %d\n", value, freq,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:254:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos += snprintf(buf, len, "%d %d %d\n", value, freq,
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:286:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = sscanf(buf, "%d %d %d", &value, &freq, &new_mask);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:286:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
ret = sscanf(buf, "%d %d %d", &value, &freq, &new_mask);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:449:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos = snprintf(buf, len, "MAC[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:449:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos = snprintf(buf, len, "MAC[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:487:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:487:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:519:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos = snprintf(buf, len, "BBP[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:519:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos = snprintf(buf, len, "BBP[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:559:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:559:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:591:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos = snprintf(buf, len, "RF[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:591:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
pos = snprintf(buf, len, "RF[0x%x] = 0x%08x\n",
^~~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:630:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:630:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
res = sscanf(buf, "%x %x", &offset, &value);
^~~~~~
>> drivers/net/wireless/marvell/libertas/debugfs.c:834:10: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
pos += sprintf(p + pos, "%s=%d\n", d[i].name, val);
^~~~~~~
drivers/net/wireless/marvell/libertas/debugfs.c:834:10: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
pos += sprintf(p + pos, "%s=%d\n", d[i].name, val);
^~~~~~~
Suppressed 62 warnings (62 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
34 warnings generated.
Suppressed 34 warnings (34 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
fs/configfs/item.c:60:9: warning: Call to function 'vsnprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'vsnprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
need = vsnprintf(item->ci_namebuf, limit, fmt, args);
^~~~~~~~~
fs/configfs/item.c:60:9: note: Call to function 'vsnprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'vsnprintf_s' in case of C11
need = vsnprintf(item->ci_namebuf, limit, fmt, args);
^~~~~~~~~
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
fs/overlayfs/super.c:1811:2: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = -EINVAL;
^ ~~~~~~~
fs/overlayfs/super.c:1811:2: note: Value stored to 'err' is never read
err = -EINVAL;
^ ~~~~~~~
Suppressed 28 warnings (28 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
fs/overlayfs/namei.c:51:3: warning: Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memmove(buf + prelen, buf, res);
^~~~~~~
fs/overlayfs/namei.c:51:3: note: Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11
memmove(buf + prelen, buf, res);
^~~~~~~
fs/overlayfs/namei.c:52:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(buf, d->name.name, prelen);
^~~~~~
fs/overlayfs/namei.c:52:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(buf, d->name.name, prelen);
^~~~~~
fs/overlayfs/namei.c:55:2: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcat(buf, post);
^~~~~~
fs/overlayfs/namei.c:55:2: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
strcat(buf, post);
^~~~~~
fs/overlayfs/namei.c:707:10: warning: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
index = lookup_positive_unlocked(name.name, ofs->indexdir, name.len);
^
fs/overlayfs/namei.c:848:11: note: Assuming field 'redirect_follow' is false
.last = ofs->config.redirect_follow ? false : !poe->numlower,
^~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/overlayfs/namei.c:848:11: note: '?' condition is false
fs/overlayfs/namei.c:848:49: note: Assuming field 'numlower' is not equal to 0
.last = ofs->config.redirect_follow ? false : !poe->numlower,
^~~~~~~~~~~~~~
fs/overlayfs/namei.c:853:6: note: Assuming field 'len' is <= field 'namelen'
if (dentry->d_name.len > ofs->namelen)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/overlayfs/namei.c:853:2: note: Taking false branch
if (dentry->d_name.len > ofs->namelen)
^
fs/overlayfs/namei.c:858:6: note: Assuming 'upperdir' is null
if (upperdir) {
^~~~~~~~
fs/overlayfs/namei.c:858:2: note: Taking false branch
if (upperdir) {
^
fs/overlayfs/namei.c:898:9: note: Field 'stop' is false
if (!d.stop && poe->numlower) {
^
fs/overlayfs/namei.c:898:6: note: Left side of '&&' is true
if (!d.stop && poe->numlower) {
^
fs/overlayfs/namei.c:898:22: note: Field 'numlower' is not equal to 0
if (!d.stop && poe->numlower) {
^
fs/overlayfs/namei.c:898:2: note: Taking true branch
if (!d.stop && poe->numlower) {
^
fs/overlayfs/namei.c:902:7: note: Assuming 'stack' is non-null
if (!stack)
^~~~~~
fs/overlayfs/namei.c:902:3: note: Taking false branch
if (!stack)
^
fs/overlayfs/namei.c:906:17: note: Field 'stop' is false
for (i = 0; !d.stop && i < poe->numlower; i++) {
^
fs/overlayfs/namei.c:906:14: note: Left side of '&&' is true
for (i = 0; !d.stop && i < poe->numlower; i++) {
^
fs/overlayfs/namei.c:906:25: note: 'i' is < field 'numlower'
for (i = 0; !d.stop && i < poe->numlower; i++) {
^
fs/overlayfs/namei.c:906:2: note: Loop condition is true. Entering loop body
for (i = 0; !d.stop && i < poe->numlower; i++) {
^
fs/overlayfs/namei.c:909:20: note: Field 'redirect_follow' is false
vim +834 drivers/net/wireless/marvell/libertas/debugfs.c
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 795
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 796 /**
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 797 * lbs_debugfs_read - proc read function
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 798 *
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 799 * @file: file to read
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 800 * @userbuf: pointer to buffer
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 801 * @count: number of bytes to read
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 802 * @ppos: read data starting position
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 803 *
8973a6e770fc89 drivers/net/wireless/libertas/debugfs.c Randy Dunlap 2011-04-26 804 * returns: amount of data read or negative error code
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 805 */
1007832103d016 drivers/net/wireless/libertas/debugfs.c Holger Schurig 2007-11-15 806 static ssize_t lbs_debugfs_read(struct file *file, char __user *userbuf,
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 807 size_t count, loff_t *ppos)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 808 {
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 809 int val = 0;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 810 size_t pos = 0;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 811 ssize_t res;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 812 char *p;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 813 int i;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 814 struct debug_data *d;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 815 unsigned long addr = get_zeroed_page(GFP_KERNEL);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 816 char *buf = (char *)addr;
ad43f8bfb7b9a6 drivers/net/wireless/libertas/debugfs.c Kiran Divekar 2009-08-28 817 if (!buf)
ad43f8bfb7b9a6 drivers/net/wireless/libertas/debugfs.c Kiran Divekar 2009-08-28 818 return -ENOMEM;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 819
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 820 p = buf;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 821
57674308d00b5e drivers/net/wireless/libertas/debugfs.c Joe Perches 2010-07-12 822 d = file->private_data;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 823
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 824 for (i = 0; i < num_of_items; i++) {
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 825 if (d[i].size == 1)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 826 val = *((u8 *) d[i].addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 827 else if (d[i].size == 2)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 828 val = *((u16 *) d[i].addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 829 else if (d[i].size == 4)
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 830 val = *((u32 *) d[i].addr);
4269e2ad83036e drivers/net/wireless/libertas/debugfs.c Dan Williams 2007-05-10 831 else if (d[i].size == 8)
4269e2ad83036e drivers/net/wireless/libertas/debugfs.c Dan Williams 2007-05-10 832 val = *((u64 *) d[i].addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 833
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 @834 pos += sprintf(p + pos, "%s=%d\n", d[i].name, val);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 835 }
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 836
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 837 res = simple_read_from_buffer(userbuf, count, ppos, p, pos);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 838
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 839 free_page(addr);
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 840 return res;
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 841 }
876c9d3aeb989c drivers/net/wireless/libertas/debugfs.c Marcelo Tosatti 2007-02-10 842
:::::: The code@line 834 was first introduced by commit
:::::: 876c9d3aeb989cf1961f2c228d309ba5dcfb1172 [PATCH] Marvell Libertas 8388 802.11b/g USB driver
:::::: TO: Marcelo Tosatti <marcelo@kvack.org>
:::::: CC: Jeff Garzik <jeff@garzik.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-04-19 4:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-19 4:30 drivers/net/wireless/marvell/libertas/debugfs.c:834:10: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support l kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2022-04-18 9:01 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.