Re: [patch 1/2] vhost: potential integer overflows

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Oct 12, 2010 at 02:25:48PM +0200, Michael S. Tsirkin wrote:
> 
> As far as I can see, maximum value for num is 64K - 1:
> 
>                 if (!s.num || s.num > 0xffff || (s.num & (s.num - 1))) {
>                         r = -EINVAL;
>                         break;
>                 }
> 
> How can any of the above two trigger?
> It seems easier to check value for sanity at a single place where it's
> passed from userspace to kernel.
> 

Gar.  Sorry for that.  My mistake.

regards,
dan carpenter

_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/virtualization
[Index of Archives]     [KVM Development]     [Libvirt Development]     [Libvirt Users]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux