On Wed, Sep 25, 2013 at 09:25:46AM -0700, Bing Zhao wrote: > Hi Dan, > > > If "resp_len" gets set to negative then it counts as a high positive value. > > > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > --- > > I spotted this reviewing the int => bool changes, but I don't have the > > hardware and can't test it. > > Thanks for spotting this potential integer underflow problem. > > I think we can change the 'resp_len' variable type to a signed integer > to fix this issue. No, that doesn't work because the comparison against sizeof() get's promoted to size_t. In other words, negative values still count as large positive values. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
