| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200224123730.GB3308@kadam>
Date: Mon, 24 Feb 2020 15:37:30 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Christian Brauner <christian.brauner@...ntu.com>
Cc: Colin King <colin.king@...onical.com>,
Christian Brauner <christian@...uner.io>,
Ingo Molnar <mingo@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Andrew Morton <akpm@...ux-foundation.org>,
Tejun Heo <tj@...nel.org>, kernel-janitors@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH][next] clone3: fix an unsigned args.cgroup comparison to
less than zero
On Mon, Feb 24, 2020 at 01:25:03PM +0100, Christian Brauner wrote:
> On Mon, Feb 24, 2020 at 10:31:57AM +0300, Dan Carpenter wrote:
> > On Sat, Feb 22, 2020 at 01:18:01PM +0100, Christian Brauner wrote:
> > > On Sat, Feb 22, 2020 at 12:15:13AM +0000, Colin King wrote:
> > > > From: Colin Ian King <colin.king@...onical.com>
> > > diff --git a/kernel/fork.c b/kernel/fork.c
> > > index 2diff --git a/kernel/fork.c b/kernel/fork.c
> > > index 2853e258fe1f..dca4dde3b5b2 100644
> > > --- a/kernel/fork.c
> > > +++ b/kernel/fork.c
> > > @@ -2618,7 +2618,8 @@ noinline static int copy_clone_args_from_user(struct kernel_clone_args *kargs,
> > > !valid_signal(args.exit_signal)))
> > > return -EINVAL;
> > >
> > > - if ((args.flags & CLONE_INTO_CGROUP) && args.cgroup < 0)
> > > + if ((args.flags & CLONE_INTO_CGROUP) &&
> > > + (args.cgroup > INT_MAX || (s64)args.cgroup < 0))
> >
> > If we're capping it at INT_MAX then the check for negative isn't
> > required and static analysis tools know it's not so they might complain.
>
> It isn't, but it's easier to understand for the reader. But I don't care
> that much and if it's trouble for tools than fine.
It's not trouble for tools, (the tools parse it correctly), it's trouble
for me looking at the static checker warnings...
regards,
dan carpenter
Powered by blists - more mailing lists