Commit 6b2ddf33 authored by Vasily Gorbik's avatar Vasily Gorbik Committed by Martin Schwidefsky

s390/extmem: fix gcc 8 stringop-overflow warning

arch/s390/mm/extmem.c: In function '__segment_load':
arch/s390/mm/extmem.c:436:2: warning: 'strncat' specified bound 7 equals
source length [-Wstringop-overflow=]
  strncat(seg->res_name, " (DCSS)", 7);

What gcc complains about here is the misuse of strncat function, which
in this case does not limit a number of bytes taken from "src", so it is
in the end the same as strcat(seg->res_name, " (DCSS)");

Keeping in mind that a res_name is 15 bytes, strncat in this case
would overflow the buffer and write 0 into alignment byte between the
fields in the struct. To avoid that increasing res_name size to 16,
and reusing strlcat.
Reviewed-by: default avatarHeiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
parent d642d626
...@@ -80,7 +80,7 @@ struct qin64 { ...@@ -80,7 +80,7 @@ struct qin64 {
struct dcss_segment { struct dcss_segment {
struct list_head list; struct list_head list;
char dcss_name[8]; char dcss_name[8];
char res_name[15]; char res_name[16];
unsigned long start_addr; unsigned long start_addr;
unsigned long end; unsigned long end;
atomic_t ref_count; atomic_t ref_count;
...@@ -433,7 +433,7 @@ __segment_load (char *name, int do_nonshared, unsigned long *addr, unsigned long ...@@ -433,7 +433,7 @@ __segment_load (char *name, int do_nonshared, unsigned long *addr, unsigned long
memcpy(&seg->res_name, seg->dcss_name, 8); memcpy(&seg->res_name, seg->dcss_name, 8);
EBCASC(seg->res_name, 8); EBCASC(seg->res_name, 8);
seg->res_name[8] = '\0'; seg->res_name[8] = '\0';
strncat(seg->res_name, " (DCSS)", 7); strlcat(seg->res_name, " (DCSS)", sizeof(seg->res_name));
seg->res->name = seg->res_name; seg->res->name = seg->res_name;
rc = seg->vm_segtype; rc = seg->vm_segtype;
if (rc == SEG_TYPE_SC || if (rc == SEG_TYPE_SC ||
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment