Date:	Fri, 11 Sep 2015 08:42:27 +0000
From:	David Laight <David.Laight@...LAB.COM>
To:	"'D. Hugh Redelmeier'" <hugh@...osa.com>,
	David Miller <davem@...emloft.net>
CC:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: PATCH: netdev: add a cast NLMSG_OK to avoid a GCC warning in
 users' code

From: D. Hugh Redelmeier
> Sent: 09 September 2015 21:24
...
> 2) if you use the type "unsigned int" on a 32-bit machine, you get the
>    warning for an earlier conjunct:
> 
> #define NLMSG_OK(nlh,len) ((len) >= (int)sizeof(struct nlmsghdr) && \
> 			   (nlh)->nlmsg_len >= sizeof(struct nlmsghdr) && \
> 			   (nlh)->nlmsg_len <= (len))
> 
>    (len) >= (int)sizeof(struct nlmsghdr)  <=== unsigned >= int
> 
> 3) on a 32-bit machine, size_t is likely "unsigned int" so the
>    same problem as (2) should arise.
> 
> 4) on a 64-bit machine with 64-bit ints, the same problems are likely.
>    I don't have one to test on.
> 
> Casting to "short" or "unsigned short" works, but I don't know that
> the value is guaranteed to fit in either of them.

Why not cast (nlh)->nlmsg_len instead?
Or subtract the two values and compare against zero?
Perhaps:
	(typeof (len))(nlh)->nlmsg_len <= (len)
which is almost certainly safe unless 'len' is 'signed char'.

	David
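
An added example, not part of the original message or of the kernel source: it applies the cast suggested above for three signed types of `len` and compares each result with the same three tests done in 64-bit arithmetic. The names NLMSG_OK_CAST, ref_ok and ok_*, the local copy of struct nlmsghdr and the nlmsg_len values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Local copy of the 16-byte netlink header so the example builds anywhere. */
struct nlmsghdr {
    uint32_t nlmsg_len;    /* length claimed by the sender, header included */
    uint16_t nlmsg_type, nlmsg_flags;
    uint32_t nlmsg_seq, nlmsg_pid;
};

/* The quoted macro with the suggested cast on the last conjunct
 * (hypothetical name). __typeof__ is the GCC/Clang spelling of typeof. */
#define NLMSG_OK_CAST(nlh, len) ((len) >= (int)sizeof(struct nlmsghdr) && \
        (nlh)->nlmsg_len >= sizeof(struct nlmsghdr) && \
        (__typeof__(len))(nlh)->nlmsg_len <= (len))

/* Reference: the same three tests in 64-bit signed arithmetic, where no value wraps. */
int ref_ok(uint32_t msg_len, int64_t len) {
    return len >= (int64_t)sizeof(struct nlmsghdr) &&
           msg_len >= sizeof(struct nlmsghdr) &&
           (int64_t)msg_len <= len;
}

/* One wrapper per type of 'len'. Converting an out-of-range value to a signed
 * type is implementation-defined; GCC and Clang reduce it modulo 2^N. */
int ok_schar(uint32_t msg_len, signed char len) {
    struct nlmsghdr h = { .nlmsg_len = msg_len };
    return NLMSG_OK_CAST(&h, len);
}
int ok_int(uint32_t msg_len, int len) {
    struct nlmsghdr h = { .nlmsg_len = msg_len };
    return NLMSG_OK_CAST(&h, len);
}
int ok_llong(uint32_t msg_len, long long len) {
    struct nlmsghdr h = { .nlmsg_len = msg_len };
    return NLMSG_OK_CAST(&h, len);
}

int main(void) {
    /* Constructed nlmsg_len values, each checked against 100 bytes remaining. */
    const uint32_t claimed[] = { 8, 16, 100, 272, 0xFFFFFFF0u };
    puts("nlmsg_len   ref schar int llong");
    for (size_t i = 0; i < sizeof claimed / sizeof claimed[0]; i++)
        printf("0x%08x  %d   %d     %d   %d\n", (unsigned)claimed[i],
               ref_ok(claimed[i], 100), ok_schar(claimed[i], 100),
               ok_int(claimed[i], 100), ok_llong(claimed[i], 100));
    return 0;
}
```

On GCC and Clang the `signed char` wrapper accepts a claimed length of 272 and the `int` wrapper accepts 0xFFFFFFF0 against 100 remaining bytes, while the `long long` wrapper agrees with the reference on all five values.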
