public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning
@ 2022-02-01 14:55 fweimer at redhat dot com
2022-02-03 15:02 ` [Bug network/28846] " asn at samba dot org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2022-02-01 14:55 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28846
Bug ID: 28846
Summary: CMSG_NXTHDR may trigger -Wstrict-overflow warning
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: network
Assignee: unassigned at sourceware dot org
Reporter: fweimer at redhat dot com
Target Milestone: ---
Flags: security-
Downstream bug report from Andreas Schneider:
“
This is actually a bug in /usr/include/bits/socket.h with
-Werror=strict-overflow.
The compiler complains about the CMSG_NXTHDR() macro.
In file included from /usr/include/sys/socket.h:33,
from
/builddir/build/BUILD/socket_wrapper-1.3.3/src/socket_wrapper.c:50:
In function '__cmsg_nxthdr',
inlined from 'test_sendmsg_cmsg' at
/builddir/build/BUILD/socket_wrapper-1.3.3/tests/test_swrap_unit.c:73:9:
/usr/include/bits/socket.h:322:6: error: assuming pointer wraparound does not
occur when comparing P +- C1 with P +- C2 [-Werror=strict-overflow]
322 | if ((unsigned char *) (__cmsg + 1) > ((unsigned char *)
__mhdr->msg_control
| ^
The line in test_swrap_unit.c:73 is:
73 »·······cmsg = CMSG_NXTHDR(&msg, cmsg);
”
This also impacts the out-of-line internal implementation in
sysdeps/unix/sysv/linux/cmsg_nxthdr.c.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug network/28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning
2022-02-01 14:55 [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning fweimer at redhat dot com
@ 2022-02-03 15:02 ` asn at samba dot org
2022-08-03 23:11 ` sam at gentoo dot org
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: asn at samba dot org @ 2022-02-03 15:02 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28846
Andreas Schneider <asn at samba dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |asn at samba dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug network/28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning
2022-02-01 14:55 [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning fweimer at redhat dot com
2022-02-03 15:02 ` [Bug network/28846] " asn at samba dot org
@ 2022-08-03 23:11 ` sam at gentoo dot org
2022-08-03 23:11 ` sam at gentoo dot org
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: sam at gentoo dot org @ 2022-08-03 23:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28846
Sam James <sam at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sam at gentoo dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug network/28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning
2022-02-01 14:55 [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning fweimer at redhat dot com
2022-02-03 15:02 ` [Bug network/28846] " asn at samba dot org
2022-08-03 23:11 ` sam at gentoo dot org
@ 2022-08-03 23:11 ` sam at gentoo dot org
2022-08-03 23:11 ` sam at gentoo dot org
2022-08-04 8:02 ` fweimer at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: sam at gentoo dot org @ 2022-08-03 23:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28846
--- Comment #1 from Sam James <sam at gentoo dot org> ---
>From 9c443ac4559a47ed99859bd80d14dc4b6dd220a1 Mon Sep 17 00:00:00 2001
From: Arjun Shankar <arjun@redhat.com>
Date: Tue, 2 Aug 2022 11:10:25 +0200
Subject: [PATCH] socket: Check lengths before advancing pointer in CMSG_NXTHDR
The inline and library functions that the CMSG_NXTHDR macro may expand
to increment the pointer to the header before checking the stride of
the increment against available space. Since C only allows incrementing
pointers to one past the end of an array, the increment must be done
after a length check. This commit fixes that and includes a regression
test for CMSG_FIRSTHDR and CMSG_NXTHDR.
The Linux, Hurd, and generic headers are all changed.
Tested on Linux on armv7hl, i686, x86_64, aarch64, ppc64le, and s390x.
[BZ #28846]
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=9c443ac4559a47ed99859bd80d14dc4b6dd220a1)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug network/28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning
2022-02-01 14:55 [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning fweimer at redhat dot com
` (2 preceding siblings ...)
2022-08-03 23:11 ` sam at gentoo dot org
@ 2022-08-03 23:11 ` sam at gentoo dot org
2022-08-04 8:02 ` fweimer at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: sam at gentoo dot org @ 2022-08-03 23:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28846
Sam James <sam at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Version|unspecified |2.37
Resolution|--- |FIXED
--- Comment #2 from Sam James <sam at gentoo dot org> ---
Fixed for 2.37.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug network/28846] CMSG_NXTHDR may trigger -Wstrict-overflow warning
2022-02-01 14:55 [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning fweimer at redhat dot com
` (3 preceding siblings ...)
2022-08-03 23:11 ` sam at gentoo dot org
@ 2022-08-04 8:02 ` fweimer at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2022-08-04 8:02 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28846
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Target Milestone|--- |2.37
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-08-04 8:02 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-01 14:55 [Bug network/28846] New: CMSG_NXTHDR may trigger -Wstrict-overflow warning fweimer at redhat dot com
2022-02-03 15:02 ` [Bug network/28846] " asn at samba dot org
2022-08-03 23:11 ` sam at gentoo dot org
2022-08-03 23:11 ` sam at gentoo dot org
2022-08-03 23:11 ` sam at gentoo dot org
2022-08-04 8:02 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).