staging: rtl8723bs: fix fortify warnings by using struct_group

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Fix fortify_memcpy_chk warnings in rtw_BIP_verify() and
rtw_mgmt_xmitframe_coalesce() functions by using struct_group
to access consecutive address fields.

Changed memcpy calls to use &hdr->addrs instead of hdr->addr1
when copying 18 bytes (addr1 + addr2 + addr3).

This resolves 'detected read beyond size of field' warnings
by using the proper struct_group mechanism as suggested by
the compiler.

Signed-off-by: yingche <zxcv2569763104@gmail.com>
Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/r/20250829040906.895221-1-zxcv2569763104@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

yingche and committed by

Greg Kroah-Hartman 6 months ago 0bbf8fb9 9d78ee44

+2 -2

2 changed files

expand all

drivers

staging

rtl8723bs

core

rtw_security.c

rtw_xmit.c

+1 -1

drivers/staging/rtl8723bs/core/rtw_security.c

··· 1363 1363 ClearPwrMgt(BIP_AAD); 1364 1364 ClearMData(BIP_AAD); 1365 1365 /* conscruct AAD, copy address 1 to address 3 */ 1366 - memcpy(BIP_AAD+2, pwlanhdr->addr1, 18); 1366 + memcpy(BIP_AAD + 2, &pwlanhdr->addrs, sizeof(pwlanhdr->addrs)); 1367 1367 1368 1368 if (omac1_aes_128(padapter->securitypriv.dot11wBIPKey[padapter->securitypriv.dot11wBIPKeyid].skey 1369 1369 , BIP_AAD, ori_len, mic))

+1 -1

drivers/staging/rtl8723bs/core/rtw_xmit.c

··· 1209 1209 ClearPwrMgt(BIP_AAD); 1210 1210 ClearMData(BIP_AAD); 1211 1211 /* conscruct AAD, copy address 1 to address 3 */ 1212 - memcpy(BIP_AAD+2, pwlanhdr->addr1, 18); 1212 + memcpy(BIP_AAD + 2, &pwlanhdr->addrs, sizeof(pwlanhdr->addrs)); 1213 1213 /* copy management fram body */ 1214 1214 memcpy(BIP_AAD+BIP_AAD_SIZE, MGMT_body, frame_body_len); 1215 1215 /* calculate mic */