| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.64N.0610311232190.30578@attu4.cs.washington.edu> Date: Tue, 31 Oct 2006 12:39:22 -0800 (PST) From: David Rientjes <rientjes@...washington.edu> To: Andreas Gruenbacher <agruen@...e.de> cc: Jesper Juhl <jesper.juhl@...il.com>, linux-kernel@...r.kernel.org, Neil Brown <neilb@....unsw.edu.au>, nfs@...ts.sourceforge.net, Andrew Morton <akpm@...l.org> Subject: Re: [PATCH] NFS: nfsaclsvc_encode_getaclres() - Fix potential NULL deref and tiny optimization. On Tue, 31 Oct 2006, Andreas Gruenbacher wrote: > > > w should be an unsigned int. > > > > Makes sense. > > No, this breaks the while loop further below: with an unsigned int, the loop > counter underflows and wraps. > This is not a problem with w being an unsigned int, it's a problem with the while loop. nfsacl_size() returns unsigned int as it should and the while loop can be written to respect that since integer division in C truncates: for (n = w / PAGE_SIZE; n > 0; n--) if (!rqstp->rq_respages[rqstp->rq_resused++]; - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists