Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4783506ybb; Tue, 14 Apr 2020 14:06:48 -0700 (PDT) X-Google-Smtp-Source: APiQypKaexrT0TRKAKaJiEsjcOqpdJBHShaMnKUazP6Rb+o7VwSZfDhpxjdeIudmxozzoqheEiZo X-Received: by 2002:aa7:c3c2:: with SMTP id l2mr455410edr.362.1586898408555; Tue, 14 Apr 2020 14:06:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586898408; cv=none; d=google.com; s=arc-20160816; b=NO95aV0L/M2lGWN0I54K9P/EOr8lOxHKqF+zzWKi7PdrvBl+LRoDNsBbU0QV/cb919 OSRKUmDfkUL+8qSX8lkwigV1DfrfTxNXL+9flerls23u7aCmm9UMvKld0lL5OKTUH+jg N5NH1iG+7ZPM3B1AnwVniea/O9YNuRQscfXX35SmR+mPfxiLtU4Fttj+14mEo3/UuUvQ pUzUBn3cpx9bBq1dfDhdW85G3VU+VuPstW1rMjSxsqFG37VPxhMcx2goKpMXPwk9Gxbl JVjn4Pas2zKpJFGpGwpbwy2Oo9Zxum3I7b2v77jpYMeaWgHURui5AeUzbXbnQJkcQgrT YlhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :dlp-reaction:dlp-version:dlp-product:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:to:from:ironport-sdr:ironport-sdr; bh=J5VLfq1PnSULVWZt1OhYkki88W7qg1PbKzsqR3AYrIg=; b=NX0Wi/Twmh52h0vOHTMcjFBxEwVFmd7wl+I2XFC7OuwTUWYp994uu6utK8U7iZQE75 UwakuhPATbuy13nEycz3xczajzrdkJVIHs+OdLvCQLFNMERxzWJ+B9KIJ7ix2Iwdu9Zy MY1jS+HC0WrXGXiTDNZSRdMQ24/7Rc4NiygL2o7QLcx5eTkM5pgIGeywOW/oQxJH8BRd 5IxU/npY9EJoXLs1JwSv42jB7LTo7a9R1WwIHUdWgIMl3vcA85tKM52WQSae60PauQfa Nnr0WFcukG7wvCkbvPCItx1R0kPXK3HMBRJFyyVftBov1taTtP7gHx4+Tx3N4ZxHrmrK sm4g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y16si8856768eje.311.2020.04.14.14.06.14; Tue, 14 Apr 2020 14:06:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732949AbgDMRkN convert rfc822-to-8bit (ORCPT + 99 others); Mon, 13 Apr 2020 13:40:13 -0400 Received: from mga14.intel.com ([192.55.52.115]:20065 "EHLO mga14.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732941AbgDMRkN (ORCPT ); Mon, 13 Apr 2020 13:40:13 -0400 IronPort-SDR: a/wTV2e7FoIt+Egf2Zt/11NpncYYf5yQcPBFNB3/Vc/qV2sqNNHyMMAKIpUqpuZJJhKRSxn17R cunqoaA4MLog== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Apr 2020 10:39:12 -0700 IronPort-SDR: wiAHJ4KIneuxAP4rm2G7cyHYAquz0lH6F6nhpgNXS0G2CkN2ZzOWn58IDdWhhczoInuhY10Cl7 Hw5m1tjuH3bQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,378,1580803200"; d="scan'208";a="276969663" Received: from orsmsx109.amr.corp.intel.com ([10.22.240.7]) by fmsmga004.fm.intel.com with ESMTP; 13 Apr 2020 10:39:12 -0700 Received: from orsmsx114.amr.corp.intel.com ([169.254.8.205]) by ORSMSX109.amr.corp.intel.com ([169.254.11.20]) with mapi id 14.03.0439.000; Mon, 13 Apr 2020 10:39:11 -0700 From: "Prakhya, Sai Praneeth" To: "Chatre, Reinette" , David Binderman , "Yu, Fenghua" , "shuah@kernel.org" , Linux Kernel Mailing List , "linux-kselftest@vger.kernel.org" Subject: RE: linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: error: Buffer is accessed out of bounds Thread-Topic: linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: error: Buffer is accessed out of bounds Thread-Index: AQHWEbDfJ6fzYiZKSEetFvBTCfNON6h3TNdA Date: Mon, 13 Apr 2020 17:39:11 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.22.254.140] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8BIT MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > -----Original Message----- > From: Reinette Chatre > Sent: Monday, April 13, 2020 9:31 AM > To: David Binderman ; Yu, Fenghua > ; shuah@kernel.org; Linux Kernel Mailing List kernel@vger.kernel.org>; linux-kselftest@vger.kernel.org; Prakhya, Sai Praneeth > > Subject: Re: linux-5.7-rc1/tools/testing/selftests/resctrl/cqm_test.c:89:15: > error: Buffer is accessed out of bounds > > +Sai > > On 4/13/2020 2:43 AM, David Binderman wrote: > > Hello there, > > > > Source code is > > > > while (fgets(temp, 1024, fp)) { > > > > but > > > > char *token_array[8], temp[512]; > > > > Use of compiler flag -D_FORTIFY_SOURCE=2 would have found the problem. > > For example: > > > > # include > > > > extern void g( int); > > > > void > > f( FILE * fp) > > { > > char buf[ 100]; > > > > while (fgets( buf, 200, fp) != 0) > > { > > g( 1); > > } > > } > > > > gives > > > > $ /home/dcb/gcc/results/bin/gcc -c -g -O2 -D_FORTIFY_SOURCE=2 > > apr13c.cc In file included from /usr/include/stdio.h:867, > > from apr13c.cc:2: > > In function 'char* fgets(char*, int, FILE*)', > > inlined from 'void f(FILE*)' at apr13c.cc:11:14: > > /usr/include/bits/stdio2.h:263:26: warning: call to '__fgets_chk_warn' > > declared with attribute warning: fgets called with bigger size than > > length of destination buffer [-Wattribute-warning] > > > > I suggest switch on compiler flag -D_FORTIFY_SOURCE=2 in all > > development builds. > > > > Thank you very much for catching this David. > > Sai: could you include this fix in your upcoming series of fixes? Using the pattern > of "fgets(buf, sizeof(buf), ...)" instead of hard coding the size should be helpful > here. Reinette: Sure! I will include this fix. Just FYI, I did notice this and have fixed it in V1 patches that I sent out earlier. David: Thanks for bringing this up. I wasn't aware of the gcc flag you had mentioned. I will add it. Regards, Sai