Re: [REGRESSION][BISECTED] erroneous buffer overflow detected in bch2_xattr_validate

From: Kees Cook
Date: Thu Oct 03 2024 - 17:28:15 EST


On Thu, Oct 03, 2024 at 05:17:08PM +0200, Jan Hendrik Farr wrote:
> gcc currently says that the __bdos of struct containing a flexible array
> member is:
>
> sizeof(<whole struct>) + sizeof(<flexible array element>) * <count>
>
> clang however does the following:
>
> max(sizeof(<whole struct>), offsetof(<flexible array member>) + sizeof(<flexible array element>) * <count>)

Clang's calculation seems very wrong. I would expect it to match GCC's.

--
Kees Cook
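As an added example (not code from this thread, from bcachefs, or from either compiler), the two __bdos formulas quoted above applied to a constructed struct whose flexible array member begins inside the struct's tail padding. `struct rec`, `bdos_gcc`, `bdos_clang` and the other helper names are hypothetical; the formulas are exactly the two quoted in the message, and `rec_bytes_needed` is a plain "how many bytes must the buffer hold" computation of the kind a validator performs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical record (constructed for this example; not bcachefs's
 * struct bch_xattr). On an LP64 ABI sizeof(struct rec) == 16 while
 * offsetof(struct rec, data) == 9, so data[] starts inside the 7 bytes
 * of tail padding that follow `len`.
 */
struct rec {
    uint64_t id;
    uint8_t  len;     /* element count for data[] */
    uint8_t  data[];  /* flexible array member, `len` elements */
};

/* GCC's __bdos as quoted in the thread: sizeof(struct) + elem * count */
size_t bdos_gcc(size_t struct_size, size_t elem_size, size_t count)
{
    return struct_size + elem_size * count;
}

/* clang's __bdos as quoted in the thread:
 * max(sizeof(struct), offsetof(flex) + elem * count) */
size_t bdos_clang(size_t struct_size, size_t flex_offset,
                  size_t elem_size, size_t count)
{
    size_t flex_end = flex_offset + elem_size * count;
    return struct_size > flex_end ? struct_size : flex_end;
}

/* Both formulas instantiated for struct rec. */
size_t rec_bdos_gcc(size_t count)
{
    return bdos_gcc(sizeof(struct rec), sizeof(uint8_t), count);
}

size_t rec_bdos_clang(size_t count)
{
    return bdos_clang(sizeof(struct rec), offsetof(struct rec, data),
                      sizeof(uint8_t), count);
}

/* Bytes by which the two formulas disagree for struct rec (GCC is never
 * smaller, so this never underflows). */
size_t rec_bdos_gap(size_t count)
{
    return rec_bdos_gcc(count) - rec_bdos_clang(count);
}

/* Minimum buffer size a validator needs before reading `count` elements:
 * the end of the last element, but never less than the struct itself. */
size_t rec_bytes_needed(size_t count)
{
    size_t end = offsetof(struct rec, data) + count * sizeof(uint8_t);
    return end > sizeof(struct rec) ? end : sizeof(struct rec);
}

int main(void)
{
    printf("sizeof=%zu offsetof(data)=%zu\n",
           sizeof(struct rec), offsetof(struct rec, data));
    for (size_t n = 0; n <= 10; n++)
        printf("count=%2zu gcc=%2zu clang=%2zu gap=%zu needed=%2zu\n",
               n, rec_bdos_gcc(n), rec_bdos_clang(n),
               rec_bdos_gap(n), rec_bytes_needed(n));
    return 0;
}
```

Running it shows the two formulas agree only at count 0. For small counts the gap grows with the count; once the array extends past the end of the struct, the gap settles at sizeof(struct rec) - offsetof(struct rec, data), the tail padding, which GCC's formula includes through sizeof(<whole struct>) and then covers again with the counted elements. The clang formula coincides term for term with rec_bytes_needed, so a validator that checks a buffer's length against offsetof + count * elem and a __bdos-based check will only disagree by that padding, and only under one of the two compilers.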