Re: [PATCH v2 2/2] VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

[Gustavo A. R. Silva]

On 1/9/24 03:07, Dan Carpenter wrote:
> On Mon, Jan 08, 2024 at 08:05:38PM -0600, Gustavo A. R. Silva wrote:
> > > > Gustavo quoted:
> > > > "Under FORTIFY_SOURCE we should not copy data across multiple members
> > > > in a structure."
> > > >
> > > > Reported-by: syzkaller <syzkaller@xxxxxxxxxxxxxxxx>
> > > > Suggested-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
> > > > Suggested-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
> > > > Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx>
> > >
> > > Thanks for getting this fixed!
> > >
> > > Yeah, it's a "false positive" in the sense that the code was expecting
> >
> > It's a false positive _bug_, and a legitimate _warning_ coming from fortified
> > memcpy().
>
> It really feels like you're trying to sell the cost of this as a good
> thing...  We've already merged fortify so why are you still fighting

No, I'm just describing (here[1] and below), clear and concise, what fortify
is doing in this particular case, in response to your first intervention
in this thread[3].

"The warning is triggered because of a write beyond the boundaries of
`dg_info->msg`."[2]

You're arguing that fortify caused a problem. I'm describing the reason
why the feature triggered the warning. That's it, I guess.

Thanks
--
Gustavo

[1] https://lore.kernel.org/linux-hardening/9c742547-0021-464b-b7a8-7af46b0a4afa@xxxxxxxxxxxxxx/
[2] https://lore.kernel.org/linux-hardening/7826922a-d642-424e-bede-bfc45be9254d@xxxxxxxxxxxxxx/
[3] https://lore.kernel.org/linux-hardening/fc132bde-d42d-4aac-ba91-7a939a18091a@moroto.mountain/