On Thu, Apr 24, 2014 at 02:51:15PM +0300, Dan Carpenter wrote:
> > >> if (libcfs_ioctl_is_invalid(data)) {
> > >>
> > >> Why do we even have all the "> (1<<30)" checks? I don't understand.
> > >> Anything over 1024 is invalid.
> > >>
> > I believe it is just a safe keeper. Anything that large is certainly
> > wrong.
>
> Ah. It prevents integer overflow bugs in libcfs_ioctl_packlen().
The integer overflow checks in libcfs_ioctl_is_invalid() are OK but the
checks in obd_ioctl_is_invalid() are insufficient.
regards,
dan carpenter
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
