diff options
| author | Kees Cook <[email protected]> | 2024-03-04 13:29:31 -0800 |
|---|---|---|
| committer | Jakub Kicinski <[email protected]> | 2024-03-05 18:35:12 -0800 |
| commit | ff73f8344e58e7557819f92c88f289ffa6116be7 (patch) | |
| tree | fbd4c36c8575882d60e06ea46aaf204c8b236ce5 /lib/crypto/mpi/mpi-add.c | |
| parent | 4166204d7ec26aee3d1f26847e88e4e41841fbe3 (diff) | |
sock: Use unsafe_memcpy() for sock_copy()
While testing for places where zero-sized destinations were still showing
up in the kernel, sock_copy() and inet_reqsk_clone() were found, which
are using very specific memcpy() offsets for both avoiding a portion of
struct sock, and copying beyond the end of it (since struct sock is really
just a common header before the protocol-specific allocation). Instead
of trying to unravel this historical lack of container_of(), just switch
to unsafe_memcpy(), since that's effectively what was happening already
(memcpy() wasn't checking 0-sized destinations while the code base was
being converted away from fake flexible arrays).
Avoid the following false positive warning with future changes to
CONFIG_FORTIFY_SOURCE:
memcpy: detected field-spanning write (size 3068) of destination "&nsk->__sk_common.skc_dontcopy_end" at net/core/sock.c:2057 (size 0)
Signed-off-by: Kees Cook <[email protected]>
Reviewed-by: Simon Horman <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Jakub Kicinski <[email protected]>
Diffstat (limited to 'lib/crypto/mpi/mpi-add.c')
0 files changed, 0 insertions, 0 deletions