From patchwork Wed Apr 5 13:54:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Rafael J. Wysocki" X-Patchwork-Id: 671062 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CD5D0C761A6 for ; Wed, 5 Apr 2023 14:01:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238149AbjDEOBA (ORCPT ); Wed, 5 Apr 2023 10:01:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237860AbjDEOAz (ORCPT ); Wed, 5 Apr 2023 10:00:55 -0400 Received: from cloudserver094114.home.pl (cloudserver094114.home.pl [79.96.170.134]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E45F5525D; Wed, 5 Apr 2023 07:00:47 -0700 (PDT) Received: from localhost (127.0.0.1) (HELO v370.home.net.pl) by /usr/run/smtp (/usr/run/postfix/private/idea_relay_lmtp) via UNIX with SMTP (IdeaSmtpServer 5.1.0) id 5d14c08f8e88d672; Wed, 5 Apr 2023 16:00:46 +0200 Received: from kreacher.localnet (unknown [213.134.163.219]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by v370.home.net.pl (Postfix) with ESMTPSA id 911C91B4EA5B; Wed, 5 Apr 2023 16:00:45 +0200 (CEST) From: "Rafael J. Wysocki" To: Linux ACPI Cc: LKML , Bob Moore , Kees Cook Subject: [PATCH 26/32] ACPICA: acpi_pci_routing_table: Replace fixed-size array with flex array member Date: Wed, 05 Apr 2023 15:54:25 +0200 Message-ID: <2656292.X9hSmTKtgW@kreacher> In-Reply-To: <4845957.31r3eYUQgx@kreacher> References: <4845957.31r3eYUQgx@kreacher> MIME-Version: 1.0 X-CLIENT-IP: 213.134.163.219 X-CLIENT-HOSTNAME: 213.134.163.219 X-VADE-SPAMSTATE: clean X-VADE-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedvhedrvdejuddgjeduucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecujffqoffgrffnpdggtffipffknecuuegrihhlohhuthemucduhedtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvfevufffkfgjfhgggfgtsehtufertddttdejnecuhfhrohhmpedftfgrfhgrvghlucflrdcuhgihshhotghkihdfuceorhhjfiesrhhjfiihshhotghkihdrnhgvtheqnecuggftrfgrthhtvghrnhepledtieekkeekveeikeetgffgteeuteefjeevjeegudelvdduheeiuedvieehieevnecuffhomhgrihhnpehgihhthhhusgdrtghomhenucfkphepvddufedrudefgedrudeifedrvdduleenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpedvudefrddufeegrdduieefrddvudelpdhhvghlohepkhhrvggrtghhvghrrdhlohgtrghlnhgvthdpmhgrihhlfhhrohhmpedftfgrfhgrvghlucflrdcuhgihshhotghkihdfuceorhhjfiesrhhjfiihshhotghkihdrnhgvtheqpdhnsggprhgtphhtthhopeegpdhrtghpthhtoheplhhinhhugidqrggtphhisehvghgvrhdrkhgvrhhnvghlrdhorhhgpdhrtghpthhtoheplhhinhhugidqkhgvrhhnvghlsehvghgvrhdrkhgvrhhnvghlrdhorhhgpdhrtghpthhtoheprhhosggvrhhtrdhmohhorhgvsehinhhtvghlrdgtohhmpdhrtghpthhtohepkhgvvghssehouhht fhhluhigrdhnvght X-DCC--Metrics: v370.home.net.pl 1024; Body=4 Fuz1=4 Fuz2=4 Precedence: bulk List-ID: X-Mailing-List: linux-acpi@vger.kernel.org From: Kees Cook ACPICA commit f4a3afd78c28dede0907f47951f0b73c9a776d4e The "Source" array is actually a dynamically sized array, but it is defined as a fixed-size 4 byte array. This results in tripping both compile-time and run-time bounds checkers (e.g. via either __builtin_object_size() or -fsanitize=bounds). To retain the padding, create a union with an unused Pad variable of size 4, and redefine Source as a proper flexible array member. No binary changes appear in the .text nor .data sections. Link: https://github.com/acpica/acpica/commit/f4a3afd7 Signed-off-by: Bob Moore Signed-off-by: Rafael J. Wysocki --- include/acpi/acrestyp.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/acpi/acrestyp.h b/include/acpi/acrestyp.h index 52e82d65016b..4c3b7b393f82 100644 --- a/include/acpi/acrestyp.h +++ b/include/acpi/acrestyp.h @@ -693,7 +693,10 @@ struct acpi_pci_routing_table { u32 pin; u64 address; /* here for 64-bit alignment */ u32 source_index; - char source[4]; /* pad to 64 bits so sizeof() works in all cases */ + union { + char pad[4]; /* pad to 64 bits so sizeof() works in all cases */ + ACPI_FLEX_ARRAY(char, source); + }; }; #endif /* __ACRESTYP_H__ */