| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <yq1a6qqk68h.fsf@ca-mkp.ca.oracle.com>
Date: Thu, 25 Mar 2021 23:34:27 -0400
From: "Martin K. Petersen" <martin.petersen@...cle.com>
To: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Cc: "Martin K. Petersen" <martin.petersen@...cle.com>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Adaptec OEM Raid Solutions <aacraid@...rosemi.com>,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] scsi: aacraid: Replace one-element array with
flexible-array member
Gustavo,
> Precisely this sort of confusion is one of the things we want to avoid
> by using flexible-array members instead of one-element arrays.
Ah, you're right!
Now that I look at it again I also don't think that was the issue that
originally caused concern.
@@ -4020,7 +4020,8 @@ static int aac_convert_sgraw2(struct aac_raw_io2 *rio2, int pages, int nseg, int
}
}
sge[pos] = rio2->sge[nseg-1];
- memcpy(&rio2->sge[1], &sge[1], (nseg_new-1)*sizeof(struct sge_ieee1212));
+ memcpy(&rio2->sge[1], &sge[1],
+ flex_array_size(rio2, sge, nseg_new - 1));
kfree(sge);
rio2->sgeCnt = cpu_to_le32(nseg_new);
I find it counter-intuitive to use the type of the destination array to
size the amount of source data to copy. "Are source and destination same
type? Does flex_array_size() do the right thing given the ->sge[1]
destination offset?". It wasn't immediately obvious. To me, "copy this
many scatterlist entries" in the original is much more readable.
That said, this whole function makes my head hurt!
--
Martin K. Petersen Oracle Linux Engineering
Powered by blists - more mailing lists