[PATCH v9 nf 01/15] net: pppoe: avoid zero-length arrays in struct pppoe_hdr
From: Eric Woudstra
Date: Wed Mar 05 2025 - 05:31:00 EST
Jakub Kicinski suggested following patch:
W=1 C=1 GCC build gives us:
net/bridge/netfilter/nf_conntrack_bridge.c: note: in included file (through
../include/linux/if_pppox.h, ../include/uapi/linux/netfilter_bridge.h,
../include/linux/netfilter_bridge.h): include/uapi/linux/if_pppox.h:
153:29: warning: array of flexible structures
It doesn't like that hdr has a zero-length array which overlaps proto.
The kernel code doesn't currently need those arrays.
PPPoE connection is functional after applying this patch.
Reviewed-by: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
Signed-off-by: Eric Woudstra <ericwouds@xxxxxxxxx>
---
drivers/net/ppp/pppoe.c | 2 +-
include/uapi/linux/if_pppox.h | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ppp/pppoe.c b/drivers/net/ppp/pppoe.c
index 68e631718ab0..17946af6a8cf 100644
--- a/drivers/net/ppp/pppoe.c
+++ b/drivers/net/ppp/pppoe.c
@@ -882,7 +882,7 @@ static int pppoe_sendmsg(struct socket *sock, struct msghdr *m,
skb->protocol = cpu_to_be16(ETH_P_PPP_SES);
ph = skb_put(skb, total_len + sizeof(struct pppoe_hdr));
- start = (char *)&ph->tag[0];
+ start = (char *)ph + sizeof(*ph);
error = memcpy_from_msg(start, m, total_len);
if (error < 0) {
diff --git a/include/uapi/linux/if_pppox.h b/include/uapi/linux/if_pppox.h
index 9abd80dcc46f..29b804aa7474 100644
--- a/include/uapi/linux/if_pppox.h
+++ b/include/uapi/linux/if_pppox.h
@@ -122,7 +122,9 @@ struct sockaddr_pppol2tpv3in6 {
struct pppoe_tag {
__be16 tag_type;
__be16 tag_len;
+#ifndef __KERNEL__
char tag_data[];
+#endif
} __attribute__ ((packed));
/* Tag identifiers */
@@ -150,7 +152,9 @@ struct pppoe_hdr {
__u8 code;
__be16 sid;
__be16 length;
+#ifndef __KERNEL__
struct pppoe_tag tag[];
+#endif
} __packed;
/* Length of entire PPPoE + PPP header */
--
2.47.1