From 97dd1b0ab5524fe9cda53f60847f3e3c07cc90a8 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Thu, 29 Mar 2018 08:38:28 -0700 Subject: mmc-utils: Fix string overflow error The SRCREV change bring another patch from upstream b4fe0c8 fix ENH_START_ADDR overflow Signed-off-by: Khem Raj Signed-off-by: Richard Purdie --- ...ce-strncpy-with-memmove-on-overlapping-me.patch | 36 ++++++++++++++++++++++ meta/recipes-devtools/mmc/mmc-utils_git.bb | 6 ++-- 2 files changed, 40 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-devtools/mmc/mmc-utils/0001-lsmmc-replace-strncpy-with-memmove-on-overlapping-me.patch diff --git a/meta/recipes-devtools/mmc/mmc-utils/0001-lsmmc-replace-strncpy-with-memmove-on-overlapping-me.patch b/meta/recipes-devtools/mmc/mmc-utils/0001-lsmmc-replace-strncpy-with-memmove-on-overlapping-me.patch new file mode 100644 index 0000000000..62e25fde9b --- /dev/null +++ b/meta/recipes-devtools/mmc/mmc-utils/0001-lsmmc-replace-strncpy-with-memmove-on-overlapping-me.patch @@ -0,0 +1,36 @@ +From 175ac0f362bf6121c3537e2f1760ad41c8f81367 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Thu, 29 Mar 2018 01:04:57 -0700 +Subject: [PATCH] lsmmc: replace strncpy with memmove on overlapping memory + copy + +here source and destination addresses are overlapping so using memmove is +going to be more efficient. + +Additionally, the bounded size for copy is overflowing for first copy + +In function 'strncpy', + inlined from 'read_file' at lsmmc.c:356:3: +/mnt/a/oe/build/tmp/work/cortexa7t2hf-neon-vfpv4-bec-linux-gnueabi/mmc-utils/0.1-r0/recipe-sysroot/usr/include/bits/string_fortified.h:106:10: error: '__builtin_strncpy' accessing 4096 bytes at offsets 0 and 1 overlaps 4095 bytes at offset 1 [-Werror=restrict] + return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); + ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Signed-off-by: Khem Raj +--- +Upstream-Status: Submitted [https://patchwork.kernel.org/patch/10314723/] + lsmmc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lsmmc.c b/lsmmc.c +index c4faa00..bcb854d 100644 +--- a/lsmmc.c ++++ b/lsmmc.c +@@ -353,7 +353,7 @@ char *read_file(char *name) + line[strlen(line) - 1] = '\0'; + + while (isspace(line[0])) +- strncpy(&line[0], &line[1], sizeof(line)); ++ memmove(&line[0], &line[1], sizeof(line)-1); + + return strdup(line); + } diff --git a/meta/recipes-devtools/mmc/mmc-utils_git.bb b/meta/recipes-devtools/mmc/mmc-utils_git.bb index 8977a87962..37a4755234 100644 --- a/meta/recipes-devtools/mmc/mmc-utils_git.bb +++ b/meta/recipes-devtools/mmc/mmc-utils_git.bb @@ -4,11 +4,13 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://mmc.c;beginline=1;endline=20;md5=fae32792e20f4d27ade1c5a762d16b7d" SRCBRANCH ?= "master" -SRCREV = "7bcad171173fd9a9401e7ce81906605bd6f4eddc" +SRCREV = "b4fe0c8c0e57a74c01755fa9362703b60d7ee49d" PV = "0.1" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc-utils.git;branch=${SRCBRANCH}" +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc-utils.git;branch=${SRCBRANCH} \ + file://0001-lsmmc-replace-strncpy-with-memmove-on-overlapping-me.patch \ + " UPSTREAM_CHECK_COMMITS = "1" S = "${WORKDIR}/git" -- cgit 1.2.3-korg