Re: [REGRESSION][BISECTED] erroneous buffer overflow detected in bch2_xattr_validate
From: Jan Hendrik Farr
Date: Thu Oct 03 2024 - 07:33:52 EST

On 02 11:18:57, Thorsten Blum wrote:
> On 28. Sep 2024, at 22:34, Kees Cook <kees@xxxxxxxxxx> wrote:
> > [...]
> >
> > Sorry, I've been out of commission with covid. Globally disabling this
> > macro for clang is not the right solution (way too big a hammer).
> >
> > Until Bill has a fix, we can revert commit
> > 86e92eeeb23741a072fe7532db663250ff2e726a, as the problem is limited to
> > certain situations where 'counted_by' is in use.
>
> I already encountered two other related __counted_by() issues [1][2]
> that are now being reverted. Would it be an option to disable it
> globally, but only for Clang < v19 (where it looks like it'll be fixed)?
>
> Otherwise adding __counted_by() might be a slippery slope for a long
> time and the edge cases don't seem to be that rare anymore.
>
> Thanks,
> Thorsten
>
> [1] https://lore.kernel.org/all/20240909162725.1805-2-thorsten.blum@xxxxxxxxxx/
> [2] https://lore.kernel.org/all/20240923213809.235128-2-thorsten.blum@xxxxxxxxx/

This issue is now fixed on the llvm main branch:
https://github.com/llvm/llvm-project/commit/882457a2eedbe6d53161b2f78fcf769fc9a93e8a

So presumably this will go into 19.1.2, not sure what this means for
distros that ship clang 18. Will they have to be notified to backport
this?

Best Regards
Jan