2022-05-24 11:00:23

by Genjian

Subject: [PATCH] net: ipv4: Avoid bounds check warning

From: huhai <[email protected]>

Fix the following build warning when CONFIG_IPV6 is not set:

In function ‘fortify_memcpy_chk’,
inlined from ‘tcp_md5_do_add’ at net/ipv4/tcp_ipv4.c:1211:2:
./include/linux/fortify-string.h:328:4: error: call to ‘__write_overflow_field’ declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
328 | __write_overflow_field(p_size_field, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: huhai <[email protected]>
---
net/ipv4/tcp_ipv4.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 457f5b5d5d4a..ed03b8c48443 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1207,9 +1207,14 @@ int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr,
key->prefixlen = prefixlen;
key->l3index = l3index;
key->flags = flags;
+#if IS_ENABLED(CONFIG_IPV6)
memcpy(&key->addr, addr,
(family == AF_INET6) ? sizeof(struct in6_addr) :
sizeof(struct in_addr));
+#else
+ memcpy(&key->addr, addr, sizeof(struct in_addr));
+#endif
+
hlist_add_head_rcu(&key->node, &md5sig->head);
return 0;
}
--
2.27.0

2022-05-26 16:37:11

by Paolo Abeni

Subject: Re: [PATCH] net: ipv4: Avoid bounds check warning

On Tue, 2022-05-24 at 15:23 +0800, Genjian Zhang wrote:
> From: huhai <[email protected]>
>
> Fix the following build warning when CONFIG_IPV6 is not set:
>
> In function ‘fortify_memcpy_chk’,
> inlined from ‘tcp_md5_do_add’ at net/ipv4/tcp_ipv4.c:1211:2:
> ./include/linux/fortify-string.h:328:4: error: call to ‘__write_overflow_field’ declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
> 328 | __write_overflow_field(p_size_field, size);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Signed-off-by: huhai <[email protected]>
> ---
> net/ipv4/tcp_ipv4.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index 457f5b5d5d4a..ed03b8c48443 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -1207,9 +1207,14 @@ int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr,
> key->prefixlen = prefixlen;
> key->l3index = l3index;
> key->flags = flags;
> +#if IS_ENABLED(CONFIG_IPV6)
> memcpy(&key->addr, addr,
> (family == AF_INET6) ? sizeof(struct in6_addr) :
> sizeof(struct in_addr));

I'm wondering if you could avoid the extra compiler conditional with
something alike:

memcpy(&key->addr, addr,
(IS_ENABLED(CONFIG_IPV6) && family == AF_INET6) ? sizeof(struct in6_addr) :
sizeof(struct in_addr));

Thanks!

Paolo