On Wed, Jul 04, 2018 at 08:01:57PM +0300, Dan Carpenter wrote:
> On Wed, Jul 04, 2018 at 08:49:47AM -0600, Jason Gunthorpe wrote:
> > On Wed, Jul 04, 2018 at 12:55:41PM +0200, Håkon Bugge wrote:
> > > Is:
> > >
> > > if (ret < (int)nents) {
> > >
> > > a more intuitive fix?
> >
> > That could lead to truncation/force negativeness of nents :(
> >
>
> In this case, if nents is over INT_MAX we're already toasted.
Ugh, yes, functions accepting int for unsigned values is any
alarmingly common mistake too.
> > I wonder how many bugs like this we have.
>
> This is a static checker fix, so Julia fixed 3 and I fixed 6...
Leon found another case of implicit casting creating a user space
triggerable bug last week..
Jason
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
