• Arnd Bergmann's avatar
    ext4: fix warning about stack corruption · 2df2c340
    Arnd Bergmann authored
    After commit 62d1034f53e3 ("fortify: use WARN instead of BUG for now"),
    we get a warning about possible stack overflow from a memcpy that
    was not strictly bounded to the size of the local variable:
    
        inlined from 'ext4_mb_seq_groups_show' at fs/ext4/mballoc.c:2322:2:
    include/linux/string.h:309:9: error: '__builtin_memcpy': writing between 161 and 1116 bytes into a region of size 160 overflows the destination [-Werror=stringop-overflow=]
    
    We actually had a bug here that would have been found by the warning,
    but it was already fixed last year in commit 30a9d7af ("ext4: fix
    stack memory corruption with 64k block size").
    
    This replaces the fixed-length structure on the stack with a variable-length
    structure, using the correct upper bound that tells the compiler that
    everything is really fine here. I also change the loop count to check
    for the same upper bound for consistency, but the existing code is
    already correct here.
    
    Note that while clang won't allow certain kinds of variable-length arrays
    in structures, this particular instance is fine, as the array is at the
    end of the structure, and the size is strictly bounded.
    Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
    Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    2df2c340
mballoc.c 147 KB