diff options
| author | Arnd Bergmann <[email protected]> | 2023-10-09 22:31:31 +0200 |
|---|---|---|
| committer | Luiz Augusto von Dentz <[email protected]> | 2023-10-13 20:04:45 -0700 |
| commit | 9d1a3c74746428102d55371fbf74b484733937d9 (patch) | |
| tree | 22bc82a1487f50402b5dc5b39a4de2530f6e4591 /tools/testing/selftests/bpf/progs/test_autoload.c | |
| parent | 18f547f3fc074500ab5d419cf482240324e73a7e (diff) | |
Bluetooth: avoid memcmp() out of bounds warning
bacmp() is a wrapper around memcpy(), which contain compile-time
checks for buffer overflow. Since the hci_conn_request_evt() also calls
bt_dev_dbg() with an implicit NULL pointer check, the compiler is now
aware of a case where 'hdev' is NULL and treats this as meaning that
zero bytes are available:
In file included from net/bluetooth/hci_event.c:32:
In function 'bacmp',
inlined from 'hci_conn_request_evt' at net/bluetooth/hci_event.c:3276:7:
include/net/bluetooth/bluetooth.h:364:16: error: 'memcmp' specified bound 6 exceeds source size 0 [-Werror=stringop-overread]
364 | return memcmp(ba1, ba2, sizeof(bdaddr_t));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add another NULL pointer check before the bacmp() to ensure the compiler
understands the code flow enough to not warn about it. Since the patch
that introduced the warning is marked for stable backports, this one
should also go that way to avoid introducing build regressions.
Fixes: 1ffc6f8cc332 ("Bluetooth: Reject connection with the device which has same BD_ADDR")
Cc: Kees Cook <[email protected]>
Cc: "Lee, Chun-Yi" <[email protected]>
Cc: Luiz Augusto von Dentz <[email protected]>
Cc: Marcel Holtmann <[email protected]>
Cc: [email protected]
Signed-off-by: Arnd Bergmann <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Signed-off-by: Luiz Augusto von Dentz <[email protected]>
Diffstat (limited to 'tools/testing/selftests/bpf/progs/test_autoload.c')
0 files changed, 0 insertions, 0 deletions