diff options
author | Kees Cook <keescook@chromium.org> | 2022-09-07 16:27:06 -0700 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2022-09-07 16:37:48 -0700 |
commit | 66cb2a36a96f6facbcb4ef1db967b8e9ea6910fe (patch) | |
tree | 382e1e769ad3e6ad749262f9482d03670004b98a | |
parent | 98388bda6a99d76309f81584f2bc0d773bdf8b35 (diff) | |
download | lwn-66cb2a36a96f6facbcb4ef1db967b8e9ea6910fe.tar.gz lwn-66cb2a36a96f6facbcb4ef1db967b8e9ea6910fe.zip |
kunit/memcpy: Avoid pathological compile-time string size
The memcpy() KUnit tests are trying to sanity-check run-time behaviors,
but tripped compile-time warnings about a pathological condition of a
too-small buffer being used for input. Avoid this by explicitly resizing
the buffer, but leaving the string short. Avoid the following warning:
lib/memcpy_kunit.c: In function 'strtomem_test':
include/linux/string.h:303:42: warning: 'strnlen' specified bound 4 exceeds source size 3 [-Wstringop-overread]
303 | memcpy(dest, src, min(_dest_len, strnlen(src, _dest_len))); \
include/linux/minmax.h:32:39: note: in definition of macro '__cmp_once'
32 | typeof(y) unique_y = (y); \
| ^
include/linux/minmax.h:45:25: note: in expansion of macro '__careful_cmp'
45 | #define min(x, y) __careful_cmp(x, y, <)
| ^~~~~~~~~~~~~
include/linux/string.h:303:27: note: in expansion of macro 'min'
303 | memcpy(dest, src, min(_dest_len, strnlen(src, _dest_len))); \
| ^~~
lib/memcpy_kunit.c:290:9: note: in expansion of macro 'strtomem'
290 | strtomem(wrap.output, input);
| ^~~~~~~~
lib/memcpy_kunit.c:275:27: note: source object allocated here
275 | static const char input[] = "hi";
| ^~~~~
Reported-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/linux-mm/202209070728.o3stvgVt-lkp@intel.com
Fixes: dfbafa70bde2 ("string: Introduce strtomem() and strtomem_pad()")
Signed-off-by: Kees Cook <keescook@chromium.org>
-rw-r--r-- | lib/memcpy_kunit.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/memcpy_kunit.c b/lib/memcpy_kunit.c index d22fa3838ee9..2b5cc70ac53f 100644 --- a/lib/memcpy_kunit.c +++ b/lib/memcpy_kunit.c @@ -272,7 +272,7 @@ static void memset_test(struct kunit *test) static void strtomem_test(struct kunit *test) { - static const char input[] = "hi"; + static const char input[sizeof(unsigned long)] = "hi"; static const char truncate[] = "this is too long"; struct { unsigned long canary1; |