grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 3/3] reed_solomon: Fix array subscript 0 is outside array bou


From: Michael Chang
Subject: Re: [PATCH 3/3] reed_solomon: Fix array subscript 0 is outside array bounds
Date: Thu, 17 Mar 2022 16:59:17 +0800
User-agent: Mutt/1.10.1 (2018-07-13)

On Thu, Mar 17, 2022 at 08:41:32AM +0100, Paul Menzel wrote:
> Dear Michael,
> 
> 
> Thank you for working on that.
> 
> 
> Am 17.03.22 um 07:43 schrieb Michael Chang via Grub-devel:
> > The grub_absolute_pointer() is a compound expression that can only work
> > within a function. We are out of luck here when the pointer variables
> > require global definition due to ATTRIBUTE_TEXT that have to use fully
> > initialized global definition because of the way linkers work.
> > 
> >   static gf_single_t * const gf_powx ATTRIBUTE_TEXT = (void *) 0x100000;
> > 
> > For the reason given above, use gcc diagnostic pragmas to suppress the
> > array-bounds warning.
> 
> Can you please share the exact GCC warning messages?

Yes. It is very long so I didn't put in the description:

[  184s] ../../grub-core/lib/reed_solomon.c: In function 'pol_evaluate':
[  184s] ../../grub-core/lib/reed_solomon.c:147:39: error: array subscript [1, 
255] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   147 |         s ^= gf_powx[(int) gf_powx_inv[pol[i]] + log_xn];
[  184s]       |                            ~~~~~~~~~~~^~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:147:21: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   147 |         s ^= gf_powx[(int) gf_powx_inv[pol[i]] + log_xn];
[  184s]       |              ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] In function 'gf_mul',
[  184s]     inlined from 'gf_mul' at ../../grub-core/lib/reed_solomon.c:106:1:
[  184s] ../../grub-core/lib/reed_solomon.c:110:35: error: array subscript [1, 
255] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   110 |   return gf_powx[(int) gf_powx_inv[a] + (int) gf_powx_inv[b]];
[  184s]       |                        ~~~~~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:110:58: error: array subscript [1, 
255] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   110 |   return gf_powx[(int) gf_powx_inv[a] + (int) gf_powx_inv[b]];
[  184s]       |                                               ~~~~~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:110:17: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   110 |   return gf_powx[(int) gf_powx_inv[a] + (int) gf_powx_inv[b]];
[  184s]       |          ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c: In function 
'gauss_solve.constprop':
[  184s] ../../grub-core/lib/reed_solomon.c:231:21: error: array subscript 0 is 
outside array bounds of 'int[0]' [-Werror=array-bounds]
[  184s]   231 |       if (chosenstat[i] == -1)
[  184s]       |           ~~~~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:235:14: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   235 |       s ^= eq[i * (m + 1) + m];
[  184s]       |            ~~^~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:234:24: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   234 |         s ^= gf_mul (eq[i * (m + 1) + j], sol[j]);
[  184s]       |                      ~~^~~~~~~~~~~~~~~~~
[  184s] In function 'gauss_eliminate',
[  184s]     inlined from 'gauss_solve.constprop' at 
../../grub-core/lib/reed_solomon.c:227:3:
[  184s] ../../grub-core/lib/reed_solomon.c:201:39: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   201 |       for (nzidx = 0; nzidx < m && (eq[i * (m + 1) + nzidx] == 
0);
[  184s]       |                                     ~~^~~~~~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:205:17: error: array subscript 0 is 
outside array bounds of 'int[0]' [-Werror=array-bounds]
[  184s]   205 |       chosen[i] = nzidx;
[  184s]       |       ~~~~~~~~~~^~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:206:24: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   206 |       r = gf_invert (eq[i * (m + 1) + nzidx]);
[  184s]       |                      ~~^~~~~~~~~~~~~~~~~~~~~
[  184s] In function 'gf_invert',
[  184s]     inlined from 'gauss_eliminate' at 
../../grub-core/lib/reed_solomon.c:206:11,
[  184s]     inlined from 'gauss_solve.constprop' at 
../../grub-core/lib/reed_solomon.c:227:3:
[  184s] ../../grub-core/lib/reed_solomon.c:116:41: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   116 |   return gf_powx[255 - (int) gf_powx_inv[a]];
[  184s]       |                              ~~~~~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:116:17: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   116 |   return gf_powx[255 - (int) gf_powx_inv[a]];
[  184s]       |          ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] In function 'gauss_eliminate',
[  184s]     inlined from 'gauss_solve.constprop' at 
../../grub-core/lib/reed_solomon.c:227:3:
[  184s] ../../grub-core/lib/reed_solomon.c:211:23: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   211 |           gf_single_t rr = eq[j * (m + 1) + nzidx];
[  184s]       |                       ^~
[  184s] ../../grub-core/lib/reed_solomon.c:213:46: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   213 |             eq[j * (m + 1) + k] ^= gf_mul (eq[i * (m + 1) + 
k], rr);
[  184s]       |                                            ~~^~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:213:15: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   213 |             eq[j * (m + 1) + k] ^= gf_mul (eq[i * (m + 1) + 
k], rr);
[  184s]       |             ~~^~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:213:33: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   213 |             eq[j * (m + 1) + k] ^= gf_mul (eq[i * (m + 1) + 
k], rr);
[  184s]       |                                 ^~
[  184s] ../../grub-core/lib/reed_solomon.c:208:41: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   208 |         eq[i * (m + 1) + j] = gf_mul (eq[i * (m + 1) + j], r);
[  184s]       |                                       ~~^~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:208:29: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   208 |         eq[i * (m + 1) + j] = gf_mul (eq[i * (m + 1) + j], r);
[  184s]       |         ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c: In function 
'gauss_solve.constprop':
[  184s] ../../grub-core/lib/reed_solomon.c:224:19: error: array subscript 0 is 
outside array bounds of 'int[0]' [-Werror=array-bounds]
[  184s]   224 |     chosenstat[i] = -1;
[  184s]       |     ~~~~~~~~~~~~~~^~~~
[  184s] In function 'init_powx',
[  184s]     inlined from 'grub_reed_solomon_recover' at 
../../grub-core/lib/reed_solomon.c:412:3:
[  184s] ../../grub-core/lib/reed_solomon.c:125:18: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   125 |   gf_powx_inv[0] = 0;
[  184s]       |   ~~~~~~~~~~~~~~~^~~
[  184s] In function 'rs_recover',
[  184s]     inlined from 'decode_block' at 
../../grub-core/lib/reed_solomon.c:315:7,
[  184s]     inlined from 'grub_reed_solomon_recover' at 
../../grub-core/lib/reed_solomon.c:426:7:
[  184s] ../../grub-core/lib/reed_solomon.c:251:11: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   251 |     if (sy[i] != 0)
[  184s]       |         ~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:279:24: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   279 |     eqstat[errnum] = sy[0];
[  184s]       |                      ~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:279:20: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   279 |     eqstat[errnum] = sy[0];
[  184s]       |     ~~~~~~~~~~~~~~~^~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:292:16: error: array subscript 0 is 
outside array bounds of 'int[0]' [-Werror=array-bounds]
[  184s]   292 |       mm[errpos[i]] ^= errvals[i];
[  184s]       |          ~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:292:9: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   292 |       mm[errpos[i]] ^= errvals[i];
[  184s]       |       ~~^~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:292:31: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   292 |       mm[errpos[i]] ^= errvals[i];
[  184s]       |                        ~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:292:21: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   292 |       mm[errpos[i]] ^= errvals[i];
[  184s]       |       ~~~~~~~~~~~~~~^~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:286:47: error: array subscript [1, 
2147483646] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   286 |         eqstat[(errnum + 1) * i + errnum] = sy[i];
[  184s]       |                                             ~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:286:43: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   286 |         eqstat[(errnum + 1) * i + errnum] = sy[i];
[  184s]       |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:284:56: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   284 |                                                  
eqstat[(errnum + 1) * (i - 1)
[  184s]       |                                                  
~~~~~~^~~~~~~~~~~~~~~~~~~~~~~
[  184s]   285 |                                                         + j]);
[  184s]       |                                                         ~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:283:56: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   283 |           eqstat[(errnum + 1) * i + j] = gf_mul (errpot[j],
[  184s]       |                                                  ~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:283:40: error: array subscript [2, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   283 |           eqstat[(errnum + 1) * i + j] = gf_mul (errpot[j],
[  184s]       |           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~
[  184s]   284 |                                                  
eqstat[(errnum + 1) * (i - 1)
[  184s]       |                                                  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s]   285 |                                                         + j]);
[  184s]       |                                                         ~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:278:17: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   278 |       eqstat[j] = 1;
[  184s]       |       ~~~~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:271:58: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   271 |     if (pol_evaluate (sigma, rs2 - 1, 255 - i) == gf_powx[i])
[  184s]       |                                                   ~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:273:24: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   273 |         errpot[errnum] = gf_powx[i];
[  184s]       |         ~~~~~~~~~~~~~~~^~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:274:26: error: array subscript [0, 
536870911] is outside array bounds of 'int[0]' [-Werror=array-bounds]
[  184s]   274 |         errpos[errnum++] = s + rs - i - 1;
[  184s]       |         ~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:265:16: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   265 |       sigma[i] = 0;
[  184s]       |       ~~~~~~~~~^~~
[  184s] ../../grub-core/lib/reed_solomon.c:262:39: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   262 |         eqstat[i * (rs2 + 1) + j] = sy[i+j];
[  184s]       |                                     ~~^~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:262:35: error: array subscript [0, 
2147483647] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   262 |         eqstat[i * (rs2 + 1) + j] = sy[i+j];
[  184s]       |         ~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~
[  184s] In function 'decode_block',
[  184s]     inlined from 'grub_reed_solomon_recover' at 
../../grub-core/lib/reed_solomon.c:426:7:
[  184s] ../../grub-core/lib/reed_solomon.c:318:41: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   318 |         ptr[SECTOR_SIZE * j + i] = mstat[j];
[  184s]       |                                    ~~~~~^~~
[  184s] In function 'rs_recover',
[  184s]     inlined from 'decode_block' at 
../../grub-core/lib/reed_solomon.c:315:7,
[  184s]     inlined from 'grub_reed_solomon_recover' at 
../../grub-core/lib/reed_solomon.c:426:7:
[  184s] ../../grub-core/lib/reed_solomon.c:248:11: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   248 |     sy[i] = pol_evaluate (mm, s + rs - 1, i);
[  184s]       |     ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] In function 'decode_block',
[  184s]     inlined from 'grub_reed_solomon_recover' at 
../../grub-core/lib/reed_solomon.c:426:7:
[  184s] ../../grub-core/lib/reed_solomon.c:313:23: error: array subscript [1, 
8388608] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   313 |         mstat[j + ds] = rptr[SECTOR_SIZE * j + i];
[  184s]       |         ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:311:18: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   311 |         mstat[j] = ptr[SECTOR_SIZE * j + i];
[  184s]       |         ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
[  184s] In function 'init_powx',
[  184s]     inlined from 'grub_reed_solomon_recover' at 
../../grub-core/lib/reed_solomon.c:412:3:
[  184s] ../../grub-core/lib/reed_solomon.c:128:18: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   128 |       gf_powx[i] = cur;
[  184s]       |       ~~~~~~~~~~~^~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:129:24: error: array subscript 
[255, 509] is outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   129 |       gf_powx[i + 255] = cur;
[  184s]       |       ~~~~~~~~~~~~~~~~~^~~~~
[  184s] ../../grub-core/lib/reed_solomon.c:130:24: error: array subscript 0 is 
outside array bounds of 'gf_single_t[0]' {aka 'unsigned char[]'} 
[-Werror=array-bounds]
[  184s]   130 |       gf_powx_inv[cur] = i;
[  184s]       |       ~~~~~~~~~~~~~~~~~^~~

Btw, here's completed list of global pointer with constant address for
your reference.

static gf_single_t * const gf_powx ATTRIBUTE_TEXT = (void *) 0x100000;
static gf_single_t * const gf_powx_inv ATTRIBUTE_TEXT = (void *) 0x100200;
static int *const chosenstat ATTRIBUTE_TEXT = (void *) 0x100300;
static gf_single_t *const sigma ATTRIBUTE_TEXT = (void *) 0x100700;
static gf_single_t *const errpot ATTRIBUTE_TEXT = (void *) 0x100800;
static int *const errpos ATTRIBUTE_TEXT = (void *) 0x100900;
static gf_single_t *const sy ATTRIBUTE_TEXT = (void *) 0x100d00;
static gf_single_t *const mstat ATTRIBUTE_TEXT = (void *) 0x100e00;
static gf_single_t *const errvals ATTRIBUTE_TEXT = (void *) 0x100f00;
static gf_single_t *const eqstat ATTRIBUTE_TEXT = (void *) 0x101000;

Thanks,
Michael

> 
> 
> Kind regards,
> 
> Paul
> 
> 
> > Signed-off-by: Michael Chang <mchang@suse.com>
> > ---
> >   grub-core/lib/reed_solomon.c | 9 +++++++++
> >   1 file changed, 9 insertions(+)
> > 
> > diff --git a/grub-core/lib/reed_solomon.c b/grub-core/lib/reed_solomon.c
> > index 82779a296b..562bd2e3e3 100644
> > --- a/grub-core/lib/reed_solomon.c
> > +++ b/grub-core/lib/reed_solomon.c
> > @@ -102,6 +102,11 @@ static gf_single_t errvals[256];
> >   static gf_single_t eqstat[65536 + 256];
> >   #endif
> > +#if __GNUC__ == 12
> > +#pragma GCC diagnostic push
> > +#pragma GCC diagnostic ignored "-Warray-bounds"
> > +#endif
> > +
> >   static gf_single_t
> >   gf_mul (gf_single_t a, gf_single_t b)
> >   {
> > @@ -319,6 +324,10 @@ decode_block (gf_single_t *ptr, grub_size_t s,
> >       }
> >   }
> > +#if __GNUC__ == 12
> > +#pragma GCC diagnostic pop
> > +#endif
> > +
> >   #if !defined (STANDALONE)
> >   static void
> >   encode_block (gf_single_t *ptr, grub_size_t s,




reply via email to

[Prev in Thread] Current Thread [Next in Thread]