| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Jun 2016 13:44:29 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: Andy Lutomirski <luto@...capital.net> Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, X86 ML <x86@...nel.org>, Andy Lutomirski <luto@...nel.org>, Dave Hansen <dave.hansen@...ux.intel.com>, Jan Beulich <JBeulich@...e.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, kernel-janitors@...r.kernel.org Subject: Re: [patch] x86/ldt: silence a static checker warning On Mon, Jun 13, 2016 at 02:14:39PM -0700, Andy Lutomirski wrote: > On Sun, Jun 12, 2016 at 11:57 PM, Dan Carpenter > <dan.carpenter@...cle.com> wrote: > > It likely doesn't make a difference but my static checker complains > > that we put an upper bound on "size" but not a lower bound. Let's just > > make it unsigned. > > Shouldn't oldsize and newsize in write_ldt as well as the "size" > member in ldt_struct change, too? > Part of the joy of this check is that it complains about every time we cap the upper bound and not the lower bound so it's very thourough, but it also requires very minimal changes to silence the false positives. We know newsize can't be negative. If we change this one variable then we know oldsize and ldt_struct size can't be negative either. The problem really is that I haven't figured out out to deal with recursion... new_ldt = alloc_ldt_struct(old_mm->context.ldt->size); On the first run through, we don't know the value of ->size here so we have to assume it can be anything. regards, dan carpenter
Powered by blists - more mailing lists