On Wed, Apr 05, 2017 at 07:58:00PM +0200, Ruediger Meier wrote: > > + ssz = read(cxt->dev_fd, ret, sz); > > The read(2) Linux manpage says: "If count is greater than SSIZE_MAX > (signed!), the result is unspecified." > > So maybe we should limit gpt_sizeof_ents() regarding SSIZE_MAX rather > than SIZE_MAX. I guess that even smwaller sizes would not be possible > to load into memory. OK, I have added SSIZE_MAX check before the read. > I'm also not sure that such big-reads (without using read() in a loop) > are portable at all. The area on disk is pretty small, and we read the entries array after header checksum verification. So, the read(2) should no be affected by corrupted disk and if someone has 44+ millions partitions then a random read(2) issue is probably the smallest issue in his live... (we can use read_all() from include/all-io.h, but I think it's overkill). Karel -- Karel Zak <kzak@xxxxxxxxxx> http://karelzak.blogspot.com -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html