| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9af191c2-0f2c-7637-433a-b557a07590ca@redhat.com> Date: Sun, 12 Jul 2020 08:12:43 -0700 From: Tom Rix <trix@...hat.com> To: "H. Peter Anvin" <hpa@...or.com>, alain@...ff.lu Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org Subject: Re: [PATCH] decompress_bunzip2: fix sizeof type in start_bunzip On 7/12/20 6:09 AM, H. Peter Anvin wrote: > On 2020-07-12 05:59, trix@...hat.com wrote: >> From: Tom Rix <trix@...hat.com> >> >> clang static analysis flags this error >> >> lib/decompress_bunzip2.c:671:13: warning: Result of 'malloc' is converted >> to a pointer of type 'unsigned int', which is incompatible with sizeof >> operand type 'int' [unix.MallocSizeof] >> bd->dbuf = large_malloc(bd->dbufSize * sizeof(int)); >> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> >> Reviewing the bunzip_data structure, the element dbuf is type >> >> /* Intermediate buffer and its size (in bytes) */ >> unsigned int *dbuf, dbufSize; >> >> So change the type in sizeof to 'unsigned int' >> > You must be kidding. > > If you want to change it, change it to sizeof(bd->dbuf) instead, but this flag > is at least in my opinion a total joke. For sizeof(int) != sizeof(unsigned > int) is beyond bizarre, no matter how stupid the platform. Using the actual type is more correct that using a type of the same size. trix > -hpa >
Powered by blists - more mailing lists