On Tue, Sep 10, 2024 at 10:52:59AM -0700, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > sb_mac() verifies that the superblock + MAC don't exceed 512 bytes. > Because the superblock is currently 64 bytes, this really verifies > mac_size <= 448. This confuses smatch into thinking that mac_size may > be as large as 448, which is inconsistent with the later code that > assumes the MAC fits in a buffer of size HASH_MAX_DIGESTSIZE (64). > > In fact mac_size <= HASH_MAX_DIGESTSIZE is guaranteed by the crypto API, > as that is the whole point of HASH_MAX_DIGESTSIZE. But, let's be > defensive and explicitly check for this. This suppresses the false > positive smatch warning. It does not fix an actual bug. > > Reported-by: kernel test robot <lkp@xxxxxxxxx> > Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > Closes: https://lore.kernel.org/r/202409061401.44rtN1bh-lkp@xxxxxxxxx/ > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> > --- This works. Another option would be to just delete the SECTOR_SIZE check, but this is obviously more conservative. ;) regards, dan carpenter
