On 02/27/2013 02:45 PM, Stephen Rothwell wrote:
> Hi all,
>
> On Wed, 27 Feb 2013 14:19:16 -0800 "H. Peter Anvin" <hpa@xxxxxxxxx>
> wrote:
>>
>> Although some of the cases I have seen being flagged as "false
>> positives" have been real bugs.
>
> [hijacking the thread :-)]
>
> I have been getting this warning for a very long time ( which would
> be an error if CONFIG_DEBUG_STRICT_USER_COPY_CHECK was set):
>
> i386 defconfig i386-linux-gcc (GCC) 4.6.3
>
> In file included from arch/x86/include/asm/uaccess.h:537:0, from
> include/linux/uaccess.h:5, from include/linux/highmem.h:8, from
> include/linux/pagemap.h:10, from fs/binfmt_misc.c:27:
> arch/x86/include/asm/uaccess_32.h: In function
> 'parse_command.part.2': arch/x86/include/asm/uaccess_32.h:211:26:
> warning: call to 'copy_from_user_overflow' declared with attribute
> warning: copy_from_user() buffer size is not provably correct
> [enabled by default]
>
OK, that is surprising, because that copy is very clearly properly
guarded:
static int parse_command(const char __user *buffer, size_t count)
{
char s[4];
if (!count)
return 0;
if (count > 3)
return -EINVAL;
if (copy_from_user(s, buffer, count))
return -EFAULT;
It isn't possible for count to be anything other than 1, 2 or 3 there,
and it is very surprising that gcc can't see it.
This might be worth filing a gcc bug for.
-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-parisc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
