lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 24 Jul 2013 18:35:22 +0400
From:	Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To:	Francesco Fusco <ffusco@...hat.com>
CC:	davem@...emloft.net, netdev@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next 2/2] sysctl: range checking in do_proc_dointvec_ms_jiffies_conv

Hello.

On 24-07-2013 12:39, Francesco Fusco wrote:

> When (integer) sysctl values are expressed in ms and have to be
> represented internally as jiffies. The msecs_to_jiffies function
> returns an unsigned long, which gets assigned to the integer.
> This patch prevents the value to be assigned if bigger than
> INT_MAX, done in a similar way as in cba9f3 ("Range checking in
> do_proc_dointvec_(userhz_)jiffies_conv").

> Signed-off-by: Francesco Fusco <ffusco@...hat.com>
> CC: Andrew Morton <akpm@...ux-foundation.org>
> CC: linux-kernel@...r.kernel.org
> ---
>   kernel/sysctl.c | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)

> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
> index ac09d98..00813e5 100644
> --- a/kernel/sysctl.c
> +++ b/kernel/sysctl.c
> @@ -2346,7 +2346,11 @@ static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
>   					    int write, void *data)
>   {
>   	if (write) {
> -		*valp = msecs_to_jiffies(*negp ? -*lvalp : *lvalp);
> +		unsigned long jif = 0;

    Pointless initializer. And an empty line wouldn't hurt after declaration.

> +		jif =  msecs_to_jiffies(*negp ? -*lvalp : *lvalp);

    One space after = is enough.

> +		if (jif > INT_MAX)
> +			return 1;
> +		*valp = (int)jif;

WBR, Sergei

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ