* Re: linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: error: Buffer is accessed out of bounds
[not found] <DB7PR08MB38010E1B93EEE780A48EBBB39CDD0@DB7PR08MB3801.eurprd08.prod.outlook.com>
@ 2020-04-13 16:30 ` Reinette Chatre
2020-04-13 17:39 ` Prakhya, Sai Praneeth
0 siblings, 1 reply; 2+ messages in thread
From: Reinette Chatre @ 2020-04-13 16:30 UTC (permalink / raw)
To: David Binderman, fenghua.yu, shuah, Linux Kernel Mailing List,
linux-kselftest, Sai Praneeth Prakhya
+Sai
On 4/13/2020 2:43 AM, David Binderman wrote:
> Hello there,
>
> Source code is
>
> while (fgets(temp, 1024, fp)) {
>
> but
>
> char *token_array[8], temp[512];
>
> Use of compiler flag -D_FORTIFY_SOURCE=2 would have found the problem.
> For example:
>
> # include <stdio.h>
>
> extern void g( int);
>
> void
> f( FILE * fp)
> {
> char buf[ 100];
>
> while (fgets( buf, 200, fp) != 0)
> {
> g( 1);
> }
> }
>
> gives
>
> $ /home/dcb/gcc/results/bin/gcc -c -g -O2 -D_FORTIFY_SOURCE=2 apr13c.cc
> In file included from /usr/include/stdio.h:867,
> from apr13c.cc:2:
> In function ‘char* fgets(char*, int, FILE*)’,
> inlined from ‘void f(FILE*)’ at apr13c.cc:11:14:
> /usr/include/bits/stdio2.h:263:26: warning: call to ‘__fgets_chk_warn’ declared with attribute warning: fgets called with bigger size than length of destination buffer [-Wattribute-warning]
>
> I suggest switch on compiler flag -D_FORTIFY_SOURCE=2 in
> all development builds.
>
Thank you very much for catching this David.
Sai: could you include this fix in your upcoming series of fixes? Using
the pattern of "fgets(buf, sizeof(buf), ...)" instead of hard coding the
size should be helpful here.
Reinette
^ permalink raw reply [flat|nested] 2+ messages in thread
* RE: linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: error: Buffer is accessed out of bounds
2020-04-13 16:30 ` linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: error: Buffer is accessed out of bounds Reinette Chatre
@ 2020-04-13 17:39 ` Prakhya, Sai Praneeth
0 siblings, 0 replies; 2+ messages in thread
From: Prakhya, Sai Praneeth @ 2020-04-13 17:39 UTC (permalink / raw)
To: Chatre, Reinette, David Binderman, Yu, Fenghua, shuah,
Linux Kernel Mailing List, linux-kselftest
> -----Original Message-----
> From: Reinette Chatre <reinette.chatre@intel.com>
> Sent: Monday, April 13, 2020 9:31 AM
> To: David Binderman <dcb314@hotmail.com>; Yu, Fenghua
> <fenghua.yu@intel.com>; shuah@kernel.org; Linux Kernel Mailing List <linux-
> kernel@vger.kernel.org>; linux-kselftest@vger.kernel.org; Prakhya, Sai Praneeth
> <sai.praneeth.prakhya@intel.com>
> Subject: Re: linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15:
> error: Buffer is accessed out of bounds
>
> +Sai
>
> On 4/13/2020 2:43 AM, David Binderman wrote:
> > Hello there,
> >
> > Source code is
> >
> > while (fgets(temp, 1024, fp)) {
> >
> > but
> >
> > char *token_array[8], temp[512];
> >
> > Use of compiler flag -D_FORTIFY_SOURCE=2 would have found the problem.
> > For example:
> >
> > # include <stdio.h>
> >
> > extern void g( int);
> >
> > void
> > f( FILE * fp)
> > {
> > char buf[ 100];
> >
> > while (fgets( buf, 200, fp) != 0)
> > {
> > g( 1);
> > }
> > }
> >
> > gives
> >
> > $ /home/dcb/gcc/results/bin/gcc -c -g -O2 -D_FORTIFY_SOURCE=2
> > apr13c.cc In file included from /usr/include/stdio.h:867,
> > from apr13c.cc:2:
> > In function 'char* fgets(char*, int, FILE*)',
> > inlined from 'void f(FILE*)' at apr13c.cc:11:14:
> > /usr/include/bits/stdio2.h:263:26: warning: call to '__fgets_chk_warn'
> > declared with attribute warning: fgets called with bigger size than
> > length of destination buffer [-Wattribute-warning]
> >
> > I suggest switch on compiler flag -D_FORTIFY_SOURCE=2 in all
> > development builds.
> >
>
> Thank you very much for catching this David.
>
> Sai: could you include this fix in your upcoming series of fixes? Using the pattern
> of "fgets(buf, sizeof(buf), ...)" instead of hard coding the size should be helpful
> here.
Reinette: Sure! I will include this fix. Just FYI, I did notice this and have fixed it in V1 patches that I sent out earlier.
David: Thanks for bringing this up. I wasn't aware of the gcc flag you had mentioned. I will add it.
Regards,
Sai
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-04-13 17:40 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <DB7PR08MB38010E1B93EEE780A48EBBB39CDD0@DB7PR08MB3801.eurprd08.prod.outlook.com>
2020-04-13 16:30 ` linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: error: Buffer is accessed out of bounds Reinette Chatre
2020-04-13 17:39 ` Prakhya, Sai Praneeth
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).