Re: [REGRESSION][BISECTED] erroneous buffer overflow detected in bch2_xattr_validate
From: Alan Huang
Date: Thu May 01 2025 - 10:31:24 EST
On Oct 25, 2024, at 23:27, Jan Hendrik Farr <kernel@xxxxxxxx> wrote:
>
> On 25 10:10:38, Miguel Ojeda wrote:
>> On Fri, Oct 25, 2024 at 3:15 AM Nathan Chancellor <nathan@xxxxxxxxxx> wrote:
>>>
>>> on the official submission.
>>
>> Same -- please feel free to add:
>>
>> Reviewed-by: Miguel Ojeda <ojeda@xxxxxxxxxx>
>>
>> One nit below that is fine either way:
>>
>>>> +# clang needs to be at least 19.1.3 to avoid __bdos miscalculations
>>>> +# https://github.com/llvm/llvm-project/pull/110497
>>>> +# https://github.com/llvm/llvm-project/pull/112636
>>>> +# TODO: when gcc 15 is released remove the build test and add gcc version check
>>
>> I would perhaps move these closer to the respective lines they are
>> commenting on (i.e. `depends on` and `def_bool`).
>>
>
> Done, thanks!
>
> config CC_HAS_COUNTED_BY
> # TODO: when gcc 15 is released remove the build test and add
> # a gcc version check
> def_bool $(success,echo 'struct flex { int count; int array[] __attribute__((__counted_by__(count))); };' | $(CC) $(CLANG_FLAGS) -x c - -c -o /dev/null -Werror)
> # clang needs to be at least 19.1.3 to avoid __bdos miscalculations
> # https://github.com/llvm/llvm-project/pull/110497
> # https://github.com/llvm/llvm-project/pull/112636
> depends on !(CC_IS_CLANG && CLANG_VERSION < 190103)
Hello,
Now there are users using gcc 15.1.1 who came across a similar issue (they are fine with gcc 14.2.1):
https://privatebin.net/?a0d4e97d590d71e1#9bLmp2Kb5NU6X6cZEucchDcu88HzUQwHUah8okKPReEt
I wonder if the __counted_by(x_name_len) in struct bch_xattr is needed, since there is also a value after x_name.
Thanks,
Alan