Re: [PATCH][next] sctp: Fix out-of-bounds warning in sctp_process_asconf_param()

From: Gustavo A. R. Silva
Date: Fri Apr 16 2021 - 16:16:31 EST




On 4/16/21 14:53, Kees Cook wrote:
> On Fri, Apr 16, 2021 at 02:12:36PM -0500, Gustavo A. R. Silva wrote:
>> Fix the following out-of-bounds warning:
>>
>> net/sctp/sm_make_chunk.c:3150:4: warning: 'memcpy' offset [17, 28] from the object at 'addr' is out of the bounds of referenced subobject 'v4' with type 'struct sockaddr_in' at offset 0 [-Warray-bounds]
>>
>> This helps with the ongoing efforts to globally enable -Warray-bounds
>> and get us closer to being able to tighten the FORTIFY_SOURCE routines
>> on memcpy().
>>
>> Link: https://github.com/KSPP/linux/issues/109
>> Reported-by: kernel test robot <lkp@xxxxxxxxx>
>> Signed-off-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
>
> Yup!

:)

> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

Thanks, Kees.

--
Gustavo