| Message ID | 20230703113737.694995-1-arnd@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | sunrpc: avoid constant-out-of-range warning with clang | expand |
On Mon, Jul 03, 2023 at 01:37:22PM +0200, Arnd Bergmann wrote: > From: Arnd Bergmann <arnd@arndb.de> > > The overflow check in xdr_stream_decode_uint32_array() was added for > 32-bit systems, but on 64-bit builds it causes a build warning when > building with clang and W=1: > > In file included from init/do_mounts.c:22: > include/linux/sunrpc/xdr.h:778:10: error: result of comparison of constant 4611686018427387903 with expression of type '__u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare] > 778 | if (len > SIZE_MAX / sizeof(*p)) > > Shut up the warning with a type cast. > > Fixes: 23a9dbbe0faf1 ("NFSD: prevent integer overflow on 32 bit systems") > Signed-off-by: Arnd Bergmann <arnd@arndb.de> > --- > include/linux/sunrpc/xdr.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h > index f89ec4b5ea169..6736121ee6a03 100644 > --- a/include/linux/sunrpc/xdr.h > +++ b/include/linux/sunrpc/xdr.h > @@ -775,7 +775,7 @@ xdr_stream_decode_uint32_array(struct xdr_stream *xdr, > > if (unlikely(xdr_stream_decode_u32(xdr, &len) < 0)) > return -EBADMSG; > - if (len > SIZE_MAX / sizeof(*p)) > + if ((size_t)len > SIZE_MAX / sizeof(*p)) > return -EBADMSG; > p = xdr_inline_decode(xdr, len * sizeof(*p)); I sent a patch for this last week that takes a different approach. https://lore.kernel.org/all/2390fdc8-13fa-4456-ab67-44f0744db412@moroto.mountain/ I probably should have used a Fixes tag just for informational purposes. regards, dan carpenter
On Mon, Jul 3, 2023 at 5:42 AM Dan Carpenter <dan.carpenter@linaro.org> wrote: > > On Mon, Jul 03, 2023 at 01:37:22PM +0200, Arnd Bergmann wrote: > > From: Arnd Bergmann <arnd@arndb.de> > > > > The overflow check in xdr_stream_decode_uint32_array() was added for > > 32-bit systems, but on 64-bit builds it causes a build warning when > > building with clang and W=1: > > > > In file included from init/do_mounts.c:22: > > include/linux/sunrpc/xdr.h:778:10: error: result of comparison of constant 4611686018427387903 with expression of type '__u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare] > > 778 | if (len > SIZE_MAX / sizeof(*p)) > > > > Shut up the warning with a type cast. > > > > Fixes: 23a9dbbe0faf1 ("NFSD: prevent integer overflow on 32 bit systems") > > Signed-off-by: Arnd Bergmann <arnd@arndb.de> > > --- > > include/linux/sunrpc/xdr.h | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h > > index f89ec4b5ea169..6736121ee6a03 100644 > > --- a/include/linux/sunrpc/xdr.h > > +++ b/include/linux/sunrpc/xdr.h > > @@ -775,7 +775,7 @@ xdr_stream_decode_uint32_array(struct xdr_stream *xdr, > > > > if (unlikely(xdr_stream_decode_u32(xdr, &len) < 0)) > > return -EBADMSG; > > - if (len > SIZE_MAX / sizeof(*p)) > > + if ((size_t)len > SIZE_MAX / sizeof(*p)) > > return -EBADMSG; > > p = xdr_inline_decode(xdr, len * sizeof(*p)); > > I sent a patch for this last week that takes a different approach. > > https://lore.kernel.org/all/2390fdc8-13fa-4456-ab67-44f0744db412@moroto.mountain/ > > I probably should have used a Fixes tag just for informational purposes. I have a slight preference for retaining the existing error handling here, but am happy to have 2 fixes in hand rather than 0; thank you both for your time looking at this. Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> > > regards, > dan carpenter >
diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h index f89ec4b5ea169..6736121ee6a03 100644 --- a/include/linux/sunrpc/xdr.h +++ b/include/linux/sunrpc/xdr.h @@ -775,7 +775,7 @@ xdr_stream_decode_uint32_array(struct xdr_stream *xdr, if (unlikely(xdr_stream_decode_u32(xdr, &len) < 0)) return -EBADMSG; - if (len > SIZE_MAX / sizeof(*p)) + if ((size_t)len > SIZE_MAX / sizeof(*p)) return -EBADMSG; p = xdr_inline_decode(xdr, len * sizeof(*p)); if (unlikely(!p))