lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 31 Jan 2018 19:07:49 -0600 From: "Gustavo A. R. Silva" <garsilva@...eddedor.com> To: Alan Cox <gnomes@...rguk.ukuu.org.uk> Cc: "Gustavo A. R. Silva" <gustavo@...eddedor.com>, "Wong Hoi Sing, Edison" <hswong3i@...il.com>, "Hung Hing Lun, Mike" <hlhung3i@...il.com>, "David S. Miller" <davem@...emloft.net>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] tcp_lp: use 64-bit arithmetic instead of 32-bit Hi Alan, Quoting Alan Cox <gnomes@...rguk.ukuu.org.uk>: > On Wed, 31 Jan 2018 18:24:07 -0600 > "Gustavo A. R. Silva" <gustavo@...eddedor.com> wrote: > >> Cast to s64 some variables and a macro in order to give the >> compiler complete information about the proper arithmetic to >> use. Notice that these elements are used in contexts that >> expect expressions of type s64 (64 bits, signed). >> >> Currently such expression are being evaluated using 32-bit >> arithmetic. > > The question you need to ask is 'can it overflow 32bit maths', otherwise > you are potentially making the system do extra work for no reason. > Yeah, I get your point and it seems that in this particular case there is no risk of a 32bit overflow, but in general and IMHO as the code evolves, the use of incorrect arithmetic may have security implications in the future, so I advocate for code correctness in this case. Thanks -- Gustavo
Powered by blists - more mailing lists