fortify: Fix incorrect reporting of read buffer size

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When FORTIFY_SOURCE reports about a run-time buffer overread, the wrong
buffer size was being shown in the error message. (The bounds checking
was correct.)

Fixes: 3d965b33e40d ("fortify: Improve buffer overflow reporting")
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20250729231817.work.023-kees@kernel.org
Signed-off-by: Kees Cook <kees@kernel.org>

Kees Cook 8 months ago 94fd4464 fc525d62

+1 -1

1 changed file

expand all

include

linux

fortify-string.h

+1 -1

include/linux/fortify-string.h

··· 596 596 if (p_size != SIZE_MAX && p_size < size) 597 597 fortify_panic(func, FORTIFY_WRITE, p_size, size, true); 598 598 else if (q_size != SIZE_MAX && q_size < size) 599 - fortify_panic(func, FORTIFY_READ, p_size, size, true); 599 + fortify_panic(func, FORTIFY_READ, q_size, size, true); 600 600 601 601 /* 602 602 * Warn when writing beyond destination field size.