| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aY3njs-gh9P0cEjj@smile.fi.intel.com>
Date: Thu, 12 Feb 2026 16:45:34 +0200
From: Andy Shevchenko <andriy.shevchenko@...el.com>
To: David Laight <david.laight.linux@...il.com>
Cc: Dmitry Antipov <dmantipov@...dex.ru>,
Andrew Morton <akpm@...ux-foundation.org>,
Kees Cook <kees@...nel.org>, "Darrick J . Wong" <djwong@...nel.org>,
linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v7 1/5] lib: fix _parse_integer_limit() to handle overflow
On Thu, Feb 12, 2026 at 02:32:39PM +0000, David Laight wrote:
> On Thu, 12 Feb 2026 15:41:59 +0200
> Andy Shevchenko <andriy.shevchenko@...el.com> wrote:
> > On Thu, Feb 12, 2026 at 03:56:24PM +0300, Dmitry Antipov wrote:
...
> > > + for (rv = 0; max_chars--; rv++, s++) {
> >
> > Hmm... is max_chars being used inside for-loop body? I would rather use regular
> > pattern here:
> >
> > for (rv = 0; rv < max_chars; rv++, s++) {
> >
> > (just check that any integer / sign promotion doesn't change the logic).
>
> The 'problem' is that the loop sets 'OVERFLOW' in rv.
Ah, true...
--
With Best Regards,
Andy Shevchenko
Powered by blists - more mailing lists