lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 16 May 2009 09:14:23 +0900
From:	Tejun Heo <htejun@...il.com>
To:	Pete Zaitcev <zaitcev@...hat.com>
CC:	Jens Axboe <jens.axboe@...cle.com>,
	James Bottomley <James.Bottomley@...senPartnership.com>,
	Boaz Harrosh <bharrosh@...asas.com>,
	Linux Kernel <linux-kernel@...r.kernel.org>,
	linux-scsi <linux-scsi@...r.kernel.org>,
	IDE/ATA development list <linux-ide@...r.kernel.org>,
	Bartlomiej Zolnierkiewicz <bzolnier@...il.com>,
	Borislav Petkov <petkovbb@...glemail.com>,
	Sergei Shtylyov <sshtylyov@...mvista.com>,
	Eric Moore <Eric.Moore@....com>,
	"Darrick J. Wong" <djwong@...ibm.com>
Subject: Re: [PATCH block#for-2.6.31 2/3] block: set rq->resid_len to blk_rq_bytes()
 on issue

Hello,

Pete Zaitcev wrote:
>> So, I could have written
>>
>>  if (cmd->act_len >= rq->resid_len)
>> 	rq->resid_len = 0;
>>  else
>> 	rq->resid_len -= cmd->act_len
>>
>> Instead I wrote
>>
>>  rq->resid_len -= min(cmd->act_len, rq->resid_len);
>>
>> It's just capping the amount to be subtracted so that resid_len
>> doesn't underflow.  What is so wrong or bad style about that?
> 
> Curse of the gifted, I guess. To use a subtraction instead of zero
> this way looks like a pointless, even mischievous obfuscation to me.

Ummm... I don't know.  I prefer min/max over if/else when capping
values.  To me, it makes the intention clearer but you're the
maintainer and don't like the style, so I'll update the patch so that
it has the if/else clause.  :-)

> Also, we probably want a stack_dump or a printk when actual length
> exceeds the requested length, don't we? If it ever happens, we
> might be overwriting some I/O buffer somewhere.

It depends on particular implementation.  Transport overflow doesn't
necessarily become actual buffer overflow depending on hardware and
driver implementation.  If you think the user needs to be warned about
transport overflow, please go ahead and add a warning there.

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ