lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 24 Oct 2007 08:02:46 -0600
From:	Matthew Wilcox <matthew@....cx>
To:	Florian Weimer <fw@...eb.enyo.de>
Cc:	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	linux-kernel@...r.kernel.org,
	Matthew Wilcox <willy@...ux.intel.com>
Subject: Re: [PATCH 1/4] stringbuf: A string buffer implementation

On Wed, Oct 24, 2007 at 03:21:06PM +0200, Florian Weimer wrote:
> > +struct stringbuf {
> > +	char *s;
> > +	int alloc;
> > +	int len;
> > +};
> 
> I think alloc and len should be unsigned (including some return values
> in the remaining patch).

I don't.  Strings should never be as long as 2GB.  To put this in
perspective, the *entire* Encyclopaedia Britannica (all 32 volumes)
is estimated at being 1GB of text.

While it would be a fair criticism that I haven't put a check for
overrunning 2GB in the code, the implementation relies on a single
continuous buffer from kmalloc, and that's currently limited to 33554432
bytes (32MB).  I don't foresee kmalloc's maximum size going up by 7
orders of magnitude -- and if it did, fragmentation would prevent you
from ever getting it.

So, I might consider a change to set -E2BIG instead of -ENOMEM if we
pass KMALLOC_MAX_SIZE, but I do think this criticism is rather straining
at gnats.

Also, 'alloc' can be an errno, and that is signalled by a negative number.
Yes, we could do something like if (sb->alloc > (unsigned)-4095) like
the mmap code does, but given the points above, it's just not worth doing.

-- 
Intel are signing my paycheques ... these opinions are still mine
"Bill, look, we understand that you're interested in selling us this
operating system, but compare it to ours.  We can't possibly take such
a retrograde step."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists