On Mon, May 6, 2024 at 4:10 PM Justin Stitt <justinstitt@xxxxxxxxxx> wrote:
>
...
>
> Historically, the signed integer overflow sanitizer did not work in the
> kernel due to its interaction with `-fwrapv` but this has since been
> changed [1] in the newest version of Clang; It being re-enabled in the
> kernel with Commit 557f8c582a9ba8ab ("ubsan: Reintroduce signed overflow
> sanitizer").
>
> Let's use check_add_overflow to check for overflow between p.start and
> p.length, as this method won't trigger a UBSAN splat.
Whoops, I got this wrong. The third argument is where the result of
the summation is stored. In an effort not to use a throwaway variable
during testing I just used the address of p.start, this is clearly
wrong. I've changed my approach in [v2].
[v2]: https://lore.kernel.org/all/20240507-b4-sio-block-ioctl-v2-1-e11113aeb10f@xxxxxxxxxx/
Thanks
Justin
