[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170718075444.ti5zucbwybkof6ap@mwanda>
Date: Tue, 18 Jul 2017 10:54:45 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Jacob von Chorus <jacobvonchorus@...hoto.ca>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Insop Song <insop.song@...nspeed.com>,
devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: gs_fpgaboot: add buffer overflow checks
On Mon, Jul 17, 2017 at 08:21:20PM -0400, Jacob von Chorus wrote:
> On Mon, Jul 17, 2017 at 10:53:25PM +0300, Dan Carpenter wrote:
> > > + if (len + 1 > n) {
> >
> > It's more idiomatic to say "if (len >= n)". Plus that's a good habbit
>
> My reasoning behind using "((len + 1) > n)" is that len represents the length of
> the string without null-termination. "buf" is required to store a
> null-terminator on top of len. Using "len + 1" shows this requirement
> more clearly; I will add brackets around "len + 1" for emphasis.
>
Don't get into the habbit of saying len + 1 because you will end up
introducing integer overflows. Also don't add useless parenthesis.
Everyone who programs in C is used to NUL terminators, so it's not a new
concept which has to be explained.
regards,
dan carpenter
Powered by blists - more mailing lists