[PATCH 03/11] security: commoncap: fix -Wstringop-overread warning

James Morris jmorris at namei.org
Wed Mar 24 20:50:33 UTC 2021

On Mon, 22 Mar 2021, Arnd Bergmann wrote:

> From: Arnd Bergmann <arnd at arndb.de>
> gcc-11 introdces a harmless warning for cap_inode_getsecurity:
> security/commoncap.c: In function ‘cap_inode_getsecurity’:
> security/commoncap.c:440:33: error: ‘memcpy’ reading 16 bytes from a region of size 0 [-Werror=stringop-overread]
>   440 |                                 memcpy(&nscap->data, &cap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
>       |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> The problem here is that tmpbuf is initialized to NULL, so gcc assumes
> it is not accessible unless it gets set by vfs_getxattr_alloc().  This is
> a legitimate warning as far as I can tell, but the code is correct since
> it correctly handles the error when that function fails.
> Add a separate NULL check to tell gcc about it as well.
> Signed-off-by: Arnd Bergmann <arnd at arndb.de>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git fixes-v5.12

James Morris
<jmorris at namei.org>

More information about the Linux-security-module-archive mailing list