lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140622010032.GT18016@ZenIV.linux.org.uk> Date: Sun, 22 Jun 2014 02:00:32 +0100 From: Al Viro <viro@...IV.linux.org.uk> To: James Bottomley <James.Bottomley@...senPartnership.com> Cc: Theodore Ts'o <tytso@....edu>, Dave Chinner <david@...morbit.com>, Jens Axboe <axboe@...com>, linux-kernel@...r.kernel.org, linux-scsi@...r.kernel.org Subject: Re: 32-bit bug in iovec iterator changes On Sun, Jun 22, 2014 at 01:53:52AM +0100, Al Viro wrote: > On Sat, Jun 21, 2014 at 05:32:44PM -0700, James Bottomley wrote: > > > No, we are not. Look: > > > * comparison promotes both operands to u64 here, so its result is > > > accurate, no matter how large count is. They are compared as natural > > > numbers. > > > > True ... figured this out 10 seconds after sending the email. > > > > > * assignment converts count to size_t, which *would* truncate for > > > values that are greater than the maximal value representable by size_t. > > > But in that case it's by definition greater than i->count, so we do not > > > reach that assignment at all. > > > > OK, so what I still don't get is why isn't the compiler warning when we > > truncate a u64 to a u32? We should get that warning in your new code, > > and we should have got that warning in fs/block_dev.c where it would > > have pinpointed the actual problem. > > In which universe? > > extern void f(unsigned int); > > void g(unsigned long x) > { > f(x); > } > > is perfectly valid C, with no warnings in sight. f(1UL << 32) might > give one, but not this... PS: I agree that it's worth careful commenting, obviously, but before sending it to Linus (*with* comments) I want to get a confirmation that this one-liner actually fixes what Ted is seeing. I have reproduced it here, and that change makes the breakage go away in my testing, but I'd like to make sure that we are seeing the same thing. Ted? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists