Re: security/landlock/ruleset.c:96:9: warning: 'memcpy' accessing 4294967295 bytes at offsets 20 and 0 overlaps 6442450943 bytes at offset -2147483648

[Kees Cook]

On Mon, Jan 06, 2025 at 06:04:56PM +0100, Mickaël Salaün wrote:
> On Sat, Jan 04, 2025 at 07:26:27AM +0800, kernel test robot wrote:
> >    security/landlock/ruleset.c: In function 'create_rule':
> > >> security/landlock/ruleset.c:96:9: warning: 'memcpy' accessing 4294967295 bytes at offsets 20 and 0 overlaps 6442450943 bytes at offset -2147483648 [-Wrestrict]
> >       96 |         memcpy(new_rule->layers, layers,
> >          |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >       97 |                         flex_array_size(new_rule, layers, num_layers));
> >          |                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> I guess the GCC warning is a false positive?
> See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116494

Does the warning go away if flex_array_size() is open-coded or if the
create_rule prototype uses "*" instead of "[]" syntax for the "layers"
argument?

The warning is about the "read" part ("accessing"). Using tip-of-tree
gcc with -fdiagnostics-details might show more details on the calling
path.

-Kees

-- 
Kees Cook