Re: [GIT PULL] gcc-plugins updates for v4.13-rc1
From: Kees Cook
Date: Wed Jul 05 2017 - 17:52:53 EST
On Wed, Jul 5, 2017 at 2:48 PM, Arnd Bergmann <arnd@xxxxxxxx> wrote:
> On Wed, Jul 5, 2017 at 11:35 PM, Linus Torvalds
> <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
>> So the issue I think would be good to fix is perhaps best explained by
>> pseudo-code
>>
>> int testfn(struct somestruct __user *p)
>> {
>> struct somestruct a;
>>
>> initialize_struct(&a);
>> if (copy_to_user(p, &a, sizeof(a)))
>> return -EFAULT;
>> return 0;
>> }
>>
>> which is obviously made-up code, but is not actually entirely unrealistic.
>
> This particular example should be handled by
> scripts/gcc-plugins/structleak_plugin.c, right?
Only if struct somestruct _contains_ a __user pointer. I would love to
see this logic expanded, of course. :)
-Kees
--
Kees Cook
Pixel Security