Re: [PATCH net-next] af_unix: Refine UNIX domain sockets autobind identifier length

From: kernel test robot
Date: Thu Feb 06 2025 - 01:51:12 EST


Hi Liang,

kernel test robot noticed the following build warnings:

[auto build test WARNING on net-next/main]

url: https://github.com/intel-lab-lkp/linux/commits/Liang-Jie/af_unix-Refine-UNIX-domain-sockets-autobind-identifier-length/20250205-141123
base: net-next/main
patch link: https://lore.kernel.org/r/20250205060653.2221165-1-buaajxlj%40163.com
patch subject: [PATCH net-next] af_unix: Refine UNIX domain sockets autobind identifier length
config: x86_64-defconfig (https://download.01.org/0day-ci/archive/20250206/202502061416.GZjhJTOs-lkp@xxxxxxxxx/config)
compiler: gcc-11 (Debian 11.3.0-12) 11.3.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250206/202502061416.GZjhJTOs-lkp@xxxxxxxxx/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-kbuild-all/202502061416.GZjhJTOs-lkp@xxxxxxxxx/

All warnings (new ones prefixed by >>):

   net/unix/af_unix.c: In function 'unix_autobind':
>> net/unix/af_unix.c:1227:48: warning: 'sprintf' writing a terminating nul past the end of the destination [-Wformat-overflow=]
    1227 |         sprintf(addr->name->sun_path + 1, "%0*x", AUTOBIND_LEN - 1, ordernum);
         |                                                ^
   net/unix/af_unix.c:1227:9: note: 'sprintf' output 6 bytes into a destination of size 5
    1227 |         sprintf(addr->name->sun_path + 1, "%0*x", AUTOBIND_LEN - 1, ordernum);
         |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


vim +/sprintf +1227 net/unix/af_unix.c

  1195
  1196  static int unix_autobind(struct sock *sk)
  1197  {
  1198  	struct unix_sock *u = unix_sk(sk);
  1199  	unsigned int new_hash, old_hash;
  1200  	struct net *net = sock_net(sk);
  1201  	struct unix_address *addr;
  1202  	u32 lastnum, ordernum;
  1203  	int err;
  1204
  1205  	err = mutex_lock_interruptible(&u->bindlock);
  1206  	if (err)
  1207  		return err;
  1208
  1209  	if (u->addr)
  1210  		goto out;
  1211
  1212  	err = -ENOMEM;
  1213  	addr = kzalloc(sizeof(*addr) +
  1214  		       offsetof(struct sockaddr_un, sun_path) + AUTOBIND_LEN, GFP_KERNEL);
  1215  	if (!addr)
  1216  		goto out;
  1217
  1218  	addr->len = offsetof(struct sockaddr_un, sun_path) + AUTOBIND_LEN;
  1219  	addr->name->sun_family = AF_UNIX;
  1220  	refcount_set(&addr->refcnt, 1);
  1221
  1222  	old_hash = sk->sk_hash;
  1223  	ordernum = get_random_u32();
  1224  	lastnum = ordernum & 0xFFFFF;
  1225  retry:
  1226  	ordernum = (ordernum + 1) & 0xFFFFF;
> 1227  	sprintf(addr->name->sun_path + 1, "%0*x", AUTOBIND_LEN - 1, ordernum);
  1228
  1229  	new_hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
  1230  	unix_table_double_lock(net, old_hash, new_hash);
  1231
  1232  	if (__unix_find_socket_byname(net, addr->name, addr->len, new_hash)) {
  1233  		unix_table_double_unlock(net, old_hash, new_hash);
  1234
  1235  		/* __unix_find_socket_byname() may take long time if many names
  1236  		 * are already in use.
  1237  		 */
  1238  		cond_resched();
  1239
  1240  		if (ordernum == lastnum) {
  1241  			/* Give up if all names seems to be in use. */
  1242  			err = -ENOSPC;
  1243  			unix_release_addr(addr);
  1244  			goto out;
  1245  		}
  1246
  1247  		goto retry;
  1248  	}
  1249
  1250  	__unix_set_addr_hash(net, sk, addr, new_hash);
  1251  	unix_table_double_unlock(net, old_hash, new_hash);
  1252  	err = 0;
  1253

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki