smb: client: memcpy() with surrounding object base address

BugLink: https://bugs.launchpad.net/bugs/2102118

[ Upstream commit f69b0187f8745a7a9584f6b13f5e792594b88b2e ]

Like commit f1f047bd7c ("smb: client: Fix -Wstringop-overflow issues"),
adjust the memcpy() destination address to be based off the surrounding
object rather than based off the 4-byte "Protocol" member. This avoids a
build-time warning when compiling under CONFIG_FORTIFY_SOURCE with GCC 15:

In function 'fortify_memcpy_chk',
    inlined from 'CIFSSMBSetPathInfo' at ../fs/smb/client/cifssmb.c:5358:2:
../include/linux/fortify-string.h:571:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
  571 |                         __write_overflow_field(p_size_field, size);
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Kees Cook <kees@kernel.org>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Koichiro Den <koichiro.den@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

This commit is contained in:

Kees Cook

2025-03-12 22:51:00 +09:00

committed by

Stefan Bader

parent f4c51f4236

commit efb69e0aa9

1 changed files with 1 additions and 1 deletions

									
										fs/smb/client/cifssmb.c
									
		+1
		-1
	
												View File
												
				@@ -5364,7 +5364,7 @@ SetTimesRetry:

					param_offset = offsetof(struct smb_com_transaction2_spi_req,

								InformationLevel) - 4;

					offset = param_offset + params;

					data_offset = (char *) (&pSMB->hdr.Protocol) + offset;

					data_offset = (char *)pSMB + offsetof(typeof(*pSMB), hdr.Protocol) + offset;

					pSMB->ParameterOffset = cpu_to_le16(param_offset);

					pSMB->DataOffset = cpu_to_le16(offset);

					pSMB->SetupCount = 1;