On Mon, Jun 29, 2020 at 6:11 PM Bart Van Assche <bvanassche@xxxxxxx> wrote:
>
> This patch fixes the following gcc 10 compiler error:
>
> In function 'memcpy',
> inlined from 'ch_ioctl' at drivers/scsi/ch.c:666:4:
> ./include/linux/string.h:377:4: error: call to '__read_overflow2' declared with attribute error: detected read beyond size of object passed as 2nd parameter
> 377 | __read_overflow2();
> | ^~~~~~~~~~~~~~~~~~
>
> Cc: Hannes Reinecke <hare@xxxxxxx>
> Cc: Arnd Bergmann <arnd@xxxxxxxx>
> Signed-off-by: Bart Van Assche <bvanassche@xxxxxxx>
> ---
> drivers/scsi/ch.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/scsi/ch.c b/drivers/scsi/ch.c
> index b81b397366db..b675a01380eb 100644
> --- a/drivers/scsi/ch.c
> +++ b/drivers/scsi/ch.c
> @@ -651,19 +651,23 @@ static long ch_ioctl(struct file *file,
> memset(&vparams,0,sizeof(vparams));
> if (ch->counts[CHET_V1]) {
> vparams.cvp_n1 = ch->counts[CHET_V1];
> - memcpy(vparams.cvp_label1,vendor_labels[0],16);
> + strncpy(vparams.cvp_label1, vendor_labels[0],
> + ARRAY_SIZE(vparams.cvp_label1));
> }
Against which tree is this? I see in mainline the correct
strncpy(vparams.cvp_label1,vendor_labels[0],16);
rather than the broken memcpy. If this was changed recently to the
broken version, maybe send a revert, or add a "Fixes" tag?
Arnd
