[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.0.999.0707172205270.27353@woody.linux-foundation.org>
Date: Tue, 17 Jul 2007 22:12:09 -0700 (PDT)
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Roland Dreier <rdreier@...co.com>
cc: Jeff Garzik <jeff@...zik.org>, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org, linux-ide@...r.kernel.org,
chas@....nrl.navy.mil, rolandd@...co.com, dwmw2@...radead.org,
gregkh@...e.de
Subject: Re: [git patches 1/2] warnings: attack valid cases spotted by
warnings
On Tue, 17 Jul 2007, Roland Dreier wrote:
>
> > Anyway, here's a totally untested cleanup that compiles but probably
> > doesn't work, because I didn't check that I did the right thing with all
> > the pointer arithmetic (ie when I change "wqe" to a real structure pointer
> > instead of just a "void *", maybe I left some pointer arithmetic around
> > that expected it to work as a byte pointer, but now really works on the
> > whole structure size instead).
>
> Given that you took the time to do this, I'll get the patch into a
> working state and apply it. And maybe split it into reviewable chunks
> while I'm at it ;)
Hey, I appreciate it, but I really do have to warn you that I did this all
blind, and just meant for it to be a "I think this kind of direction is
more productive" thing. I'm not going to guarantee that it works at all.
I spent more time than I really wanted to on actually making sure the end
result even compiles (quite often, I'm perfectly happy to just send out
pseudo-code to indicate what I think should be done), but maybe I
shouldn't have done that, just so that nobody thinks that the patch is
necessarily going to *work*.
In other words, it's a totally mindless cleanup and re-factorization. It
*may* work, but quite frankly, I did it just for that one email, and spent
the absolutly minimum possible time thinking about it. As a result, I
really think it needs some serious looking over.
I also think that my new "handle_raddr_seg()" function could itself be
split up into subfunctions along the "switch()" subcases.
So not only wasn't it meant to be guaranteed correct, but it wasn't even
meant to be seen as the best possible final situation: it could be - and
should be - factored out even more (and the same goes for a lot of the
other functions in that file that I didn't really look at, just glance and
notice that they have some of the same problem patterns).
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists