| Message ID | 20230829093652.234537-1-dmantipov@yandex.ru |
|---|---|
| State | New |
| Headers | show |
| Series | wifi: ath10k: fix clang-specific fortify warning | expand |
Dmitry Antipov <dmantipov@yandex.ru> wrote: > When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've > noticed the following (somewhat confusing due to absence of an actual > source code location): > > In file included from drivers/net/wireless/ath/ath10k/debug.c:8: > In file included from ./include/linux/module.h:13: > In file included from ./include/linux/stat.h:19: > In file included from ./include/linux/time.h:60: > In file included from ./include/linux/time32.h:13: > In file included from ./include/linux/timex.h:67: > In file included from ./arch/x86/include/asm/timex.h:5: > In file included from ./arch/x86/include/asm/processor.h:23: > In file included from ./arch/x86/include/asm/msr.h:11: > In file included from ./arch/x86/include/asm/cpumask.h:5: > In file included from ./include/linux/cpumask.h:12: > In file included from ./include/linux/bitmap.h:11: > In file included from ./include/linux/string.h:254: > ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' > declared with 'warning' attribute: detected read beyond size of field (2nd > parameter); maybe use struct_group()? [-Wattribute-warning] > __read_overflow2_field(q_size_field, size); > > The compiler actually complains on 'ath10k_debug_get_et_strings()' where > fortification logic inteprets call to 'memcpy()' as an attempt to copy > the whole 'ath10k_gstrings_stats' array from it's first member and so > issues an overread warning. This warning may be silenced by passing > an address of the whole array and not the first member to 'memcpy()'. > > Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru> > Acked-by: Jeff Johnson <quic_jjohnson@quicinc.com> > Signed-off-by: Kalle Valo <quic_kvalo@quicinc.com> Patch applied to ath-next branch of ath.git, thanks. cb4c132ebfea wifi: ath10k: fix clang-specific fortify warning
diff --git a/drivers/net/wireless/ath/ath10k/debug.c b/drivers/net/wireless/ath/ath10k/debug.c index f9518e1c9903..fe89bc61e531 100644 --- a/drivers/net/wireless/ath/ath10k/debug.c +++ b/drivers/net/wireless/ath/ath10k/debug.c @@ -1140,7 +1140,7 @@ void ath10k_debug_get_et_strings(struct ieee80211_hw *hw, u32 sset, u8 *data) { if (sset == ETH_SS_STATS) - memcpy(data, *ath10k_gstrings_stats, + memcpy(data, ath10k_gstrings_stats, sizeof(ath10k_gstrings_stats)); }
When compiling with clang 16.0.6 and CONFIG_FORTIFY_SOURCE=y, I've noticed the following (somewhat confusing due to absence of an actual source code location): In file included from drivers/net/wireless/ath/ath10k/debug.c:8: In file included from ./include/linux/module.h:13: In file included from ./include/linux/stat.h:19: In file included from ./include/linux/time.h:60: In file included from ./include/linux/time32.h:13: In file included from ./include/linux/timex.h:67: In file included from ./arch/x86/include/asm/timex.h:5: In file included from ./arch/x86/include/asm/processor.h:23: In file included from ./arch/x86/include/asm/msr.h:11: In file included from ./arch/x86/include/asm/cpumask.h:5: In file included from ./include/linux/cpumask.h:12: In file included from ./include/linux/bitmap.h:11: In file included from ./include/linux/string.h:254: ./include/linux/fortify-string.h:592:4: warning: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] __read_overflow2_field(q_size_field, size); The compiler actually complains on 'ath10k_debug_get_et_strings()' where fortification logic inteprets call to 'memcpy()' as an attempt to copy the whole 'ath10k_gstrings_stats' array from it's first member and so issues an overread warning. This warning may be silenced by passing an address of the whole array and not the first member to 'memcpy()'. Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru> --- drivers/net/wireless/ath/ath10k/debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)