| Message ID | 20190102131318.5765-4-honli@redhat.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | [ibsim,01/23] move sim_cmd_file into ibsim/sim_cmd.c | expand |
On 1/2/2019 8:12 AM, Honggang Li wrote: > The sizeof(port->vlarb_high) is 128. sizeof(default_vlarb_high) is 30. > > memcpy(port->vlarb_high, default_vlarb_high, sizeof(port->vlarb_high)) > will fill [31, 128] bytes of port->vlarb_high with garbage after > default_vlarb_high. > > ------------------------------------------------------------------------- > make[1]: Entering directory '/home/honli/rpmbuild/BUILD/ibsim-0.7/ibsim' > cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wall -g -Werror -Wno-deprecated-declarations -fpic -I. -I../include -I/usr/include -c -o sim_net.o sim_net.c > In file included from /usr/include/string.h:494, > from sim_net.c:38: > In function 'memcpy', > inlined from 'init_ports' at sim_net.c:648:3: > /usr/include/bits/string_fortified.h:34:10: error: '__builtin_memcpy' forming offset [31, 128] is out of the bounds [0, 30] of object 'default_vlarb_high' with type 'const struct vlarb[15]' [-Werror=array-bounds] > return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > sim_net.c: In function 'init_ports': > sim_net.c:171:27: note: 'default_vlarb_high' declared here > static const struct vlarb default_vlarb_high[] = { > ^~~~~~~~~~~~~~~~~~ > In file included from /usr/include/string.h:494, > from sim_net.c:38: > In function 'memcpy', > inlined from 'init_ports' at sim_net.c:650:3: > /usr/include/bits/string_fortified.h:34:10: error: '__builtin_memcpy' forming offset [31, 128] is out of the bounds [0, 30] of object 'default_vlarb_low' with type 'const struct vlarb[15]' [-Werror=array-bounds] > return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > sim_net.c: In function 'init_ports': > sim_net.c:176:27: note: 'default_vlarb_low' declared here > static const struct vlarb default_vlarb_low[] = { > ^~~~~~~~~~~~~~~~~ > In file included from /usr/include/string.h:494, > from sim_net.c:38: > > Signed-off-by: Honggang Li <honli@redhat.com> Thanks. Applied. -- Hal
diff --git a/ibsim/sim_net.c b/ibsim/sim_net.c index a963ff6d6589..a62d39d39174 100644 --- a/ibsim/sim_net.c +++ b/ibsim/sim_net.c @@ -646,9 +646,9 @@ static void init_ports(Node * node, int type, int maxports) memcpy(port->sl2vl + 8 * j, default_sl2vl, 8); memcpy(port->vlarb_high, default_vlarb_high, - sizeof(port->vlarb_high)); + sizeof(default_vlarb_high)); memcpy(port->vlarb_low, default_vlarb_low, - sizeof(port->vlarb_low)); + sizeof(default_vlarb_low)); } }
The sizeof(port->vlarb_high) is 128. sizeof(default_vlarb_high) is 30. memcpy(port->vlarb_high, default_vlarb_high, sizeof(port->vlarb_high)) will fill [31, 128] bytes of port->vlarb_high with garbage after default_vlarb_high. ------------------------------------------------------------------------- make[1]: Entering directory '/home/honli/rpmbuild/BUILD/ibsim-0.7/ibsim' cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wall -g -Werror -Wno-deprecated-declarations -fpic -I. -I../include -I/usr/include -c -o sim_net.o sim_net.c In file included from /usr/include/string.h:494, from sim_net.c:38: In function 'memcpy', inlined from 'init_ports' at sim_net.c:648:3: /usr/include/bits/string_fortified.h:34:10: error: '__builtin_memcpy' forming offset [31, 128] is out of the bounds [0, 30] of object 'default_vlarb_high' with type 'const struct vlarb[15]' [-Werror=array-bounds] return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sim_net.c: In function 'init_ports': sim_net.c:171:27: note: 'default_vlarb_high' declared here static const struct vlarb default_vlarb_high[] = { ^~~~~~~~~~~~~~~~~~ In file included from /usr/include/string.h:494, from sim_net.c:38: In function 'memcpy', inlined from 'init_ports' at sim_net.c:650:3: /usr/include/bits/string_fortified.h:34:10: error: '__builtin_memcpy' forming offset [31, 128] is out of the bounds [0, 30] of object 'default_vlarb_low' with type 'const struct vlarb[15]' [-Werror=array-bounds] return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sim_net.c: In function 'init_ports': sim_net.c:176:27: note: 'default_vlarb_low' declared here static const struct vlarb default_vlarb_low[] = { ^~~~~~~~~~~~~~~~~ In file included from /usr/include/string.h:494, from sim_net.c:38: Signed-off-by: Honggang Li <honli@redhat.com> --- ibsim/sim_net.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)